docs.microsoft.com Open in urlscan Pro
2a02:26f0:64:585::353e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kMTFmY2I0Ni1mOTNlLTRhZDUtOGI3Y...
Effective URL:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
Submission: On July 12 via api (July 12th 2020, 8:33:19 pm UTC) from US

Summary HTTP 29 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 10 IPs in 6 countries across 10 domains to perform 29 HTTP transactions. The main IP is 2a02:26f0:64:585::353e, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is docs.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on April 19th 2019. Valid for: 2 years.

This is the only time docs.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:1ec:21::16 2620:1ec:21::16	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	23.38.17.26 23.38.17.26	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:26f0:64:... 2a02:26f0:64:585::353e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10 10	140.82.118.4 140.82.118.4	36459 (GITHUB) (GITHUB)
10	151.101.112.133 151.101.112.133	54113 (FASTLY) (FASTLY)
1	99.80.110.198 99.80.110.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
29	10

1 2620:1ec:21::16 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

azure.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.17.26 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:64:585::353e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

docs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 140.82.118.4 (United States) 10 redirects

ASN36459 (GITHUB, US)

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.112.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

avatars0.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars1.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars3.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.110.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-110-198.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	microsoft.com 2 redirects azure.microsoft.com docs.microsoft.com web.vortex.data.microsoft.com c1.microsoft.com	489 KB
10	githubusercontent.com avatars0.githubusercontent.com avatars1.githubusercontent.com avatars3.githubusercontent.com	19 KB
10	github.com 10 redirects github.com	23 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	133 B
1	usabilla.com w.usabilla.com	11 KB
1	bing.com 1 redirects c.bing.com	434 B
1	speedcurve.com cdn.speedcurve.com	7 KB
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	aka.ms 1 redirects aka.ms	588 B
29	10

	Domain	Requested by
11	docs.microsoft.com	docs.microsoft.com
10	github.com	10 redirects
4	avatars3.githubusercontent.com
4	avatars0.githubusercontent.com
2	avatars1.githubusercontent.com
2	c1.microsoft.com	1 redirects
2	www.google-analytics.com	1 redirects docs.microsoft.com
2	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
1	stats.g.doubleclick.net
1	w.usabilla.com	docs.microsoft.com
1	c.bing.com	1 redirects
1	cdn.speedcurve.com	docs.microsoft.com
1	az725175.vo.msecnd.net	docs.microsoft.com
1	aka.ms	1 redirects
1	azure.microsoft.com	1 redirects
29	15

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
github.com
twitter.com
www.linkedin.com
www.facebook.com
gallery.technet.microsoft.com
aka.ms
techcommunity.microsoft.com
go.microsoft.com

Subject Issuer	Validity	Valid
docs.microsoft.com Microsoft IT TLS CA 1	`2019-04-19` - `2021-04-19`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 4	`2020-01-21` - `2022-01-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
a3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-19` - `2021-05-05`	a year	crt.sh
c.msn.com Microsoft IT TLS CA 2	`2020-04-23` - `2022-04-23`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
w.usabilla.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
Frame ID: 94DBFB39EE522B1CACD4FFEF12538F5C
Requests: 29 HTTP requests in this frame

Frame: https://w.usabilla.com/cd99660205c0.js?lv=1
Frame ID: 889CAD347541FDC9CF702F772B715188
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kMTFmY2I0N... HTTP 302
https://aka.ms/atasaguide-recsamr HTTP 301
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts Page URL

Page Statistics

29
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

15
Subdomains

10
IPs

6
Countries

561 kB
Transfer

1804 kB
Size

8
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/
Title:

Search URL Search Domain Scan URL

URL: https://github.com/Microsoft/ATADocs/blob/master/ATPDocs/atp-reconnaissance-alerts.md
Title: Edit

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%3FWT.mc_id%3Dtwitter&text=Azure%20ATP%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs&tw_p=tweetbutton&url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%3FWT.mc_id%3Dtwitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%3FWT.mc_id%3Dlinkedin
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%3FWT.mc_id%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://gallery.technet.microsoft.com/Net-Cease-Blocking-Net-1e8dcb5b
Title: Net Cease tool

Search URL Search Domain Scan URL

URL: https://aka.ms/azureatpcommunity
Title: Check out the Azure ATP forum!

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/Azure-Advanced-Threat-Protection/bd-p/AzureAdvancedThreatProtection
Title: This product

Search URL Search Domain Scan URL

URL: https://github.com/MicrosoftDocs/atadocs/issues/new?title=&body=%0A%0A%5BEnter%20feedback%20here%5D%0A%0A%0A---%0A%23%23%23%23%20Document%20Details%0A%0A%E2%9A%A0%20*Do%20not%20edit%20this%20section.%20It%20is%20required%20for%20docs.microsoft.com%20%E2%9E%9F%20GitHub%20issue%20linking.*%0A%0A*%20ID%3A%2015a4ad8f-0039-5a6c-c97a-3a0dcdbfd492%0A*%20Version%20Independent%20ID%3A%204ec306c4-50c3-9745-682c-0e131d2a90c2%0A*%20Content%3A%20%5BAzure%20ATP%20reconnaissance%20phase%20security%20alerts%5D(https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021)%0A*%20Content%20Source%3A%20%5BATPDocs%2Fatp-reconnaissance-alerts.md%5D(https%3A%2F%2Fgithub.com%2FMicrosoft%2FATADocs%2Fblob%2Fmaster%2FATPDocs%2Fatp-reconnaissance-alerts.md)%0A*%20Service%3A%20**azure-advanced-threat-protection**%0A*%20GitHub%20Login%3A%20%40shsagir%0A*%20Microsoft%20Alias%3A%20**shsagir**
Title: This page

Search URL Search Domain Scan URL

URL: https://github.com/MicrosoftDocs/atadocs/issues?utf8=%E2%9C%93&q=%224ec306c4-50c3-9745-682c-0e131d2a90c2%22&in=body
Title: View all page feedback

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: https://aka.ms/sitefeedback
Title: Site Feedback

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/legal/intellectualproperty/Trademarks/EN-US.aspx
Title: Trademarks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kMTFmY2I0Ni1mOTNlLTRhZDUtOGI3YS01ZjZlMThjY2FjNTQmdT1hZW8mbD1hdGFzYWd1aWRlLXJlY3NhbXI%3D HTTP 302
https://aka.ms/atasaguide-recsamr HTTP 301
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&RedC=c1.microsoft.com&MXFR=2FA86A4A46BA6C54096C654F42BA6A07 HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&MUID=0BF370FB3C106CB529C67FFE3D7B6D1B

Request Chain 16

https://github.com/shsagir.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

Request Chain 17

https://github.com/mlottner.png?size=32 HTTP 302
https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

Request Chain 18

https://github.com/rkarlin.png?size=32 HTTP 302
https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

Request Chain 19

https://github.com/PRMerger16.png?size=32 HTTP 302
https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

Request Chain 20

https://github.com/meganbradley.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

Request Chain 22

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1210444466&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts&ul=en-us&de=UTF-8&dt=Azure%20ATP%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=519217924&gjid=1340359730&cid=1026356446.1594585980&tid=UA-62780441-21&_gid=1520532116.1594585980&_r=1&cd2=off&cd3=Conceptual&z=1639503071 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1026356446.1594585980&jid=519217924&_gid=1520532116.1594585980&gjid=1340359730&_v=j83&z=1639503071

Request Chain 23

https://github.com/mlottner.png?size=32 HTTP 302
https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

Request Chain 24

https://github.com/PRMerger16.png?size=32 HTTP 302
https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

Request Chain 26

https://github.com/rkarlin.png?size=32 HTTP 302
https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

Request Chain 27

https://github.com/shsagir.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

Request Chain 28

https://github.com/meganbradley.png?size=32 HTTP 302
https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request atp-reconnaissance-alerts Show response
docs.microsoft.com/en-us/azure-advanced-threat-protection/
Redirect Chain

https://azure.microsoft.com/email/?destination=https%3A%2F%2Faka.ms%2Fatasaguide-recsamr&p=bT1kMTFmY2I0Ni1mOTNlLTRhZDUtOGI3YS01ZjZlMThjY2FjNTQmdT1hZW8mbD1hdGFzYWd1aWRlLXJlY3NhbXI%3D
https://aka.ms/atasaguide-recsamr
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts

59 KB
19 KB

278ms
259ms

Document
text/html

2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

c8d7fa8642a382bc9b16c818434501d33ed565e8992d865e58c10d898530f433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.microsoft.com
:scheme: https
:path: /en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
etag: "4+ZICozLTAoyzaX4jyCYTQuDm8nEhv2RyWeewWbpKFs="
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
x-datacenter: wus
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-rendering-stack: Dynamic
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
content-length: 18331
cache-control: public, max-age=600
expires: Sun, 12 Jul 2020 20:42:58 GMT
date: Sun, 12 Jul 2020 20:32:58 GMT
akamai-cache-status: RefreshHit from child, Miss from parent
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}

Redirect headers

Location: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts#user-and-group-membership-reconnaissance-samr-external-id-2021
Server: Kestrel
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
X-Powered-By: ASP.NET
Content-Length: 0
Expires: Sun, 12 Jul 2020 20:32:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 12 Jul 2020 20:32:58 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

GET
H2 200 ceb54b02.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 395 KB
55 KB 9ms
9ms Stylesheet
text/css 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ceb54b02.site-ltr.css

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

5095436531e776cecb3a980b76c185e94ad39e43c985ca2681d9b89f0704a2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 56054
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 09 Jul 2020 19:12:01 GMT
x-datacenter: wus
x-frame-options: SAMEORIGIN
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: text/css
cache-control: max-age=340829
etag: "0x8D8243BF55C3B62"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Thu, 16 Jul 2020 19:13:28 GMT

GET
H2 200 5a8a71c1.conceptual.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 3 KB
2 KB 15ms
14ms Stylesheet
text/css 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/5a8a71c1.conceptual.css

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

765dd0039afbeb0c1e2dcddbdaee17f4de2687b1d40a1be94ff401b2ca982dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 1076
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 07 Jul 2020 18:20:58 GMT
x-datacenter: eus
x-frame-options: SAMEORIGIN
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: text/css
cache-control: max-age=215108
etag: "0x8D822A27EE33787"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires: Wed, 15 Jul 2020 08:18:07 GMT

GET
H2 200 87a3687.index-docs.js Show response
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ 1016 KB
248 KB 16ms
16ms Script
application/javascript 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b931248d538bd6e9f3b74afb1eae9e348b41ee569076d9f852cfb5448b8599b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 252471
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 10 Jul 2020 17:42:06 GMT
x-datacenter: wus
x-frame-options: SAMEORIGIN
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/javascript
cache-control: max-age=421861
etag: "0x8D824F89056B10E"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Fri, 17 Jul 2020 17:44:00 GMT

GET
H2 200 toc.json Show response
docs.microsoft.com/en-us/azure-advanced-threat-protection/ 7 KB
3 KB 238ms
238ms Fetch
application/json 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/toc.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3751e56e2f79fb411b42eea466721ec61ffa96a0b22cde5a464cfca9d24b8a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 2159
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-rendering-stack: Static
last-modified: Tue, 23 Jun 2020 13:55:46 GMT
x-datacenter: wus
x-frame-options: SAMEORIGIN
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/json
cache-control: public, max-age=600
etag: "0x8D8177D20D491C4"
akamai-cache-status: RefreshHit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Sun, 12 Jul 2020 20:42:59 GMT

GET
H2 200 toc.json Show response
docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/ 787 B
1011 B 256ms
256ms Fetch
application/json 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/bread/toc.json

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

326d73243c62f6d829c62cced9b195bd837396c06246fc60253ae29766b8734b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 382
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-rendering-stack: Static
last-modified: Tue, 14 Apr 2020 17:27:09 GMT
x-datacenter: wus
x-frame-options: SAMEORIGIN
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/json
cache-control: public, max-age=600
etag: "0x8D7E0990F86B5AD"
akamai-cache-status: RefreshHit from child, RefreshHit from parent
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Sun, 12 Jul 2020 20:42:59 GMT

GET
H2 200 jsll-4.js Show response
az725175.vo.msecnd.net/scripts/ 54 KB
18 KB 131ms
32ms Script
text/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F78) /
Resource Hash: e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Jul 2020 20:32:59 GMT
content-encoding: gzip
content-md5: Dy7dMa7nsOSUbofNz/X23A==
age: 901
x-cache: HIT
status: 200
content-length: 18058
x-ms-lease-status: unlocked
last-modified: Thu, 14 Mar 2019 00:43:49 GMT
server: ECAcc (frc/8F78)
etag: 0x8D6A8161FD3B925
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
x-ms-request-id: 957ea3e6-e01e-0024-5489-585665000000
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
H2 200 cookieConsent Show response
docs.microsoft.com/api/privacy/ 1 KB
1 KB 478ms
478ms Fetch
application/json 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/api/privacy/cookieConsent?locale=en-us

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8651e79d345871314abcf5450b60ae178cba753a35536ff67c8c6d8d190294ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 12 Jul 2020 20:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/json; charset=utf-8
status: 200
cache-control: private, max-age=86400
akamai-cache-status: Miss from child
content-length: 832
request-context: appId=cid-v1:7fb2a082-1cb3-466c-9ec8-b99b10ef1f7c

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d3e8e9d05c54aff571ff105976c145b27661ce222919bb88555db6e6df88dd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 microsoft-logo-light.c77142eb.png
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 3 KB
3 KB 9ms
9ms Image
image/png 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/microsoft-logo-light.c77142eb.png

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

db8b7053837f82f77ec75728235304ca6508a5277c5640924b602c2a56db3ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ceb54b02.site-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 2704
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 06 Jul 2020 23:46:36 GMT
x-datacenter: wus
date: Sun, 12 Jul 2020 20:32:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: image/png
cache-control: max-age=152388
etag: "0x8D82206D241E373"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Tue, 14 Jul 2020 14:52:47 GMT

GET
H2 200 docons.cfbd1aa4.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ 11 KB
11 KB 13ms
13ms Font
application/font-woff2 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.cfbd1aa4.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1369b1c29cb113ffbb4da7ab2e12257f1f27cb3cc3930489721bbd998fcced0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ceb54b02.site-ltr.css
Origin: https://docs.microsoft.com

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status: 200
content-length: 10912
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 06 Jul 2020 23:46:36 GMT
x-datacenter: wus
date: Sun, 12 Jul 2020 20:32:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/font-woff2
cache-control: max-age=146270
etag: "0x8D82206D2286370"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires: Tue, 14 Jul 2020 13:10:49 GMT

GET
H2 200 SegoeUI-Roman-VF_web.woff2
docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ 116 KB
116 KB 12ms
12ms Font
application/octet-stream 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/SegoeUI-Roman-VF_web.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ceb54b02.site-ltr.css
Origin: https://docs.microsoft.com

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15768000 ; includeSubDomains
etag: 0x8D7D0D9DD3E1C3B
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5: vKlyGNyjyxXOAoTLy0UokA==
status: 200
content-length: 118288
x-ms-lease-status: unlocked
last-modified: Wed, 25 Mar 2020 16:30:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Sun, 12 Jul 2020 20:32:59 GMT
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b2d8f70c-f01e-0018-374b-33e207000000
cache-control: max-age=27440089
x-ms-version: 2009-09-19
akamai-cache-status: Hit from child
expires: Wed, 26 May 2021 10:47:48 GMT

GET
H2 200 latest.woff2
docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ 27 KB
28 KB 9ms
9ms Font
application/octet-stream 2a02:26f0:64:585::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/latest.woff2

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:585::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ceb54b02.site-ltr.css
Origin: https://docs.microsoft.com

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15768000 ; includeSubDomains
etag: 0x8D81ECF72818A4F
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5: KDXuKBsHfKiscoVwIAfIlA==
status: 200
content-length: 27624
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jul 2020 21:32:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Sun, 12 Jul 2020 20:32:59 GMT
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 438fdc9e-b01e-003d-1af0-537ab4000000
cache-control: max-age=31029386
x-ms-version: 2009-09-19
akamai-cache-status: Hit from child
expires: Tue, 06 Jul 2021 23:49:25 GMT

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 281 B
966 B 280ms
57ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272020-07-12T20%3A32%3A59.855Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%272fd81041-40b5-4204-af66-91d692bc9c9d%27&-pageName=%2715a4ad8f-0039-5a6c-c97a-3a0dcdbfd492%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageType=%27conceptual%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%224ec306c4-50c3-9745-682c-0e131d2a90c2%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2F4b31ece67c246752d30cf4a98936cb06489bafec%2FATPDocs%2Fatp-reconnaissance-alerts.md%22%2C%22manager%22%3A%22shsagir%22%2C%22asst%22%3A%22e9cf68d2-36bd-4b0d-b36e-7cf7ded2618e%22%2C%22pgauth%22%3A%22shsagir%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2203%2F01%2F2020%22%2C%22reviewer%22%3A%22itargoet%22%2C%22pgsrvcs%22%3A%22azure-advanced-threat-protection%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Fatp-reconnaissance-alerts.md%22%2C%22publishtime%22%3A%222020-06-15%2001%3A57%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Azure%20ATP%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4e2dc43eb318299e7ad29c290aad2d51532d6fac7e619c7bb2c1124875bb858

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Jul 2020 20:32:59 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: Wr7ehGBgeEKJb7+ZfCqU3Q.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1039
date: Sun, 12 Jul 2020 20:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sun, 12 Jul 2020 22:15:40 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 22 KB
7 KB 103ms
33ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=409849828

Requested by

Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/87a3687.index-docs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

61de5667cecbe920246e2c732a8ad280f70e11fb7ced5876f42bd41d384b239c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
Origin: https://docs.microsoft.com

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 1652
x-cache: HIT
status: 200
content-length: 6939
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
last-modified: Sun, 12 Jul 2020 20:05:26 GMT
server: Apache
x-timer: S1594585980.942517,VS0,VE0
date: Sun, 12 Jul 2020 20:32:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 19 Jul 2020 20:05:26 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 33

GET
H2

200

c.gif
c1.microsoft.com/
Redirect Chain

https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&RedC=c1.microsoft.com&MXFR=2FA86A4A46BA6C54096C654F42BA6A07
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&MUID=0BF370FB3C106CB529C67FFE3D7B6D1B

42 B
313 B

56ms
55ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&MUID=0BF370FB3C106CB529C67FFE3D7B6D1B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jul 2020 20:32:59 GMT
etag: "9b2fd78e4b1ed61:0"
last-modified: Wed, 29 Apr 2020 17:28:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 12 Jul 2020 20:32:59 GMT
x-msedge-ref: Ref A: 9E804D87307947CC82C4E508938B66B9 Ref B: FRAEDGE1508 Ref C: 2020-07-12T20:33:00Z
x-powered-by: ASP.NET
status: 302
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=B860E473DA49490B8A25AEE6F6879657&MUID=0BF370FB3C106CB529C67FFE3D7B6D1B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

51323195
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/shsagir.png?size=32
https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

995 B
2 KB

107ms
36ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: b6ce74c2c05d86971c72893366c598b7a17c2a55
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 995
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4079-HHN
Last-Modified: Mon, 03 Jun 2019 11:37:45 GMT
X-GitHub-Request-Id: E758:3CDE:2AFB46:3753B8:5D8351FD
X-Timer: S1594585980.202480,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 25698686
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "bd5342d5084d26742c21816a5cbc9a304eb4d875"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D89A:2C11:5F7354B:8B6B9F5:5F0B737B
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars0.githubusercontent.com/u/51323195?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

41567042
avatars1.githubusercontent.com/u/
Redirect Chain

https://github.com/mlottner.png?size=32
https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

918 B
2 KB

108ms
35ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

762190ee34bfcd24955a3fe5aff6eb3145e5762b0f41242f6349b563421e4340

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 58d6291ee51ead5d4a213715d84a6b9f70112106
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 918
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4069-HHN
Last-Modified: Mon, 23 Jul 2018 07:36:57 GMT
X-GitHub-Request-Id: 3D60:7F22:2409C:2C312:5E38DAE3
X-Timer: S1594585980.092924,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 13801622
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "4ca112a53ba2f05d3f32c2cbb0aa1424db5b09af"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:32:26 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D896:4BE1:56F87FB:7DB8C1E:5F0B737B
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars1.githubusercontent.com/u/41567042?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

7419039
avatars3.githubusercontent.com/u/
Redirect Chain

https://github.com/rkarlin.png?size=32
https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

946 B
2 KB

40ms
35ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

543788070c771e78653ee3be1fcf6849b5b382becb1ce8f17519c76312e00586

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 19bf08f95d01a4c41aa987d6fc38c10fd0f53ab0
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 946
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4063-HHN
Last-Modified: Wed, 09 Sep 2015 08:59:51 GMT
X-GitHub-Request-Id: 459E:7AA8:13217E:168166:5E936470
X-Timer: S1594585980.131838,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 7868167
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "42fb906cd1a7d93f482c15ba8ae261e5dd4d038a"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 127
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D894:FDA8:56121F3:7C6ACB5:5F0B737B
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars3.githubusercontent.com/u/7419039?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

29302267
avatars3.githubusercontent.com/u/
Redirect Chain

https://github.com/PRMerger16.png?size=32
https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

2 KB
2 KB

110ms
36ms

Image
image/png

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87dfb1ba2c53a73de91d69af0b3e1cfd4f21d4fdf2d553e4579873ed79fabf2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: cc6715c427e88dc6bac7aeb69330a91b1242aa7f
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 1569
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4063-HHN
Last-Modified: Tue, 15 Jun 2010 14:30:24 GMT
X-GitHub-Request-Id: 5382:41A2:1EC850:261BB2:5EE990E4
X-Timer: S1594585980.094564,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 2220694
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "177545fef805df92027526b3e082b3e98e79dd39"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:31:11 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D898:FDA6:38C589F:518971E:5F0B737B
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars3.githubusercontent.com/u/29302267?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

17304189
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/meganbradley.png?size=32
https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

977 B
2 KB

105ms
35ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

523235a18ee8a542ecb5866c72b6c749d19f4695de81880281687e8a85e407e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 3f6e33e2dbe747f136d62b176d2b2399b0abe6af
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 977
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4077-HHN
Last-Modified: Mon, 14 Mar 2016 17:38:57 GMT
X-GitHub-Request-Id: F7B2:2D64:315A75:3C852D:5E2F0E30
X-Timer: S1594585980.218291,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 14443852
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "47d719add5c8ed38ea19d274b2964db746495892"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D892:1844:6221C21:8DE11DE:5F0B737B
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars0.githubusercontent.com/u/17304189?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H2 200 cd99660205c0.js Show response
w.usabilla.com/ Frame 889C 34 KB
11 KB 187ms
64ms Script
text/javascript 99.80.110.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/cd99660205c0.js?lv=1
Requested by: Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.110.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-110-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 70801bdc5f234f9063d09e2e6bcfa086404056b51ff3478f902d23ef2cf4eca0

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jul 2020 20:33:00 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "39226e1ab201d3336692fef7caecd2a5"
content-type: text/javascript
status: 200
cache-control: public,max-age=0
content-length: 10547

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1210444466&t=pageview&_s=1&dl=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts&u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1026356446.1594585980&jid=519217924&_gid=1520532116.1594585980&gjid=1340359730&_v=j83&z=1639503071

35 B
133 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1026356446.1594585980&jid=519217924&_gid=1520532116.1594585980&gjid=1340359730&_v=j83&z=1639503071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 12 Jul 2020 20:32:59 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Jul 2020 20:32:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62780441-21&cid=1026356446.1594585980&jid=519217924&_gid=1520532116.1594585980&gjid=1340359730&_v=j83&z=1639503071
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

41567042
avatars1.githubusercontent.com/u/
Redirect Chain

https://github.com/mlottner.png?size=32
https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

918 B
2 KB

35ms
34ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars1.githubusercontent.com/u/41567042?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

762190ee34bfcd24955a3fe5aff6eb3145e5762b0f41242f6349b563421e4340

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 65ba72413d99ef886319c4b14049a8484e9f9dc8
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 918
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4069-HHN
Last-Modified: Mon, 23 Jul 2018 07:36:57 GMT
X-GitHub-Request-Id: 3D60:7F22:2409C:2C312:5E38DAE3
X-Timer: S1594585980.181596,VS0,VE0
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 13801622
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "4ca112a53ba2f05d3f32c2cbb0aa1424db5b09af"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:32:26 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D89A:2C11:5F73588:8B6BA3B:5F0B737C
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars1.githubusercontent.com/u/41567042?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

29302267
avatars3.githubusercontent.com/u/
Redirect Chain

https://github.com/PRMerger16.png?size=32
https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

2 KB
2 KB

36ms
35ms

Image
image/png

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/29302267?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87dfb1ba2c53a73de91d69af0b3e1cfd4f21d4fdf2d553e4579873ed79fabf2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 1c34f1d777b4baba82f5b44de055c741576d6a74
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 1569
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4063-HHN
Last-Modified: Tue, 15 Jun 2010 14:30:24 GMT
X-GitHub-Request-Id: 5382:41A2:1EC850:261BB2:5EE990E4
X-Timer: S1594585980.185972,VS0,VE0
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 2220694
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "177545fef805df92027526b3e082b3e98e79dd39"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:31:11 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D894:FDA8:561222E:7C6ACEE:5F0B737C
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars3.githubusercontent.com/u/29302267?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 45 B
407 B 59ms
59ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272020-07-12T20%3A32%3A59.858Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%272fd81041-40b5-4204-af66-91d692bc9c9d%27&-pageName=%2715a4ad8f-0039-5a6c-c97a-3a0dcdbfd492%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure-advanced-threat-protection%2Fatp-reconnaissance-alerts%23user-and-group-membership-reconnaissance-samr-external-id-2021%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22MSDN.ATPDocs%22%2C%22document_version_independent_id%22%3A%224ec306c4-50c3-9745-682c-0e131d2a90c2%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2F4b31ece67c246752d30cf4a98936cb06489bafec%2FATPDocs%2Fatp-reconnaissance-alerts.md%22%2C%22manager%22%3A%22shsagir%22%2C%22asst%22%3A%22e9cf68d2-36bd-4b0d-b36e-7cf7ded2618e%22%2C%22pgauth%22%3A%22shsagir%22%2C%22collection%22%3A%22M365-security-compliance%22%2C%22date%22%3A%2203%2F01%2F2020%22%2C%22reviewer%22%3A%22itargoet%22%2C%22pgsrvcs%22%3A%22azure-advanced-threat-protection%22%2C%22suite%22%3A%22ems%22%2C%22pgtop%22%3A%22tutorial%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATPDocs%2Fatp-reconnaissance-alerts.md%22%2C%22publishtime%22%3A%222020-06-15%2001%3A57%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%2C%22timing%22%3A%22%7B%5C%22first-paint%5C%22%3A1349.4450002908707%2C%5C%22first-contentful-paint%5C%22%3A1349.4450002908707%2C%5C%22navigationStart%5C%22%3A1594585978263%2C%5C%22unloadEventStart%5C%22%3A0%2C%5C%22unloadEventEnd%5C%22%3A0%2C%5C%22redirectStart%5C%22%3A0%2C%5C%22redirectEnd%5C%22%3A0%2C%5C%22fetchStart%5C%22%3A1594585978620%2C%5C%22domainLookupStart%5C%22%3A1594585978621%2C%5C%22domainLookupEnd%5C%22%3A1594585978622%2C%5C%22connectStart%5C%22%3A1594585978622%2C%5C%22connectEnd%5C%22%3A1594585978639%2C%5C%22secureConnectionStart%5C%22%3A1594585978627%2C%5C%22requestStart%5C%22%3A1594585978639%2C%5C%22responseStart%5C%22%3A1594585978898%2C%5C%22responseEnd%5C%22%3A1594585978899%2C%5C%22domLoading%5C%22%3A1594585979235%2C%5C%22domInteractive%5C%22%3A1594585979385%2C%5C%22domContentLoadedEventStart%5C%22%3A1594585979385%2C%5C%22domContentLoadedEventEnd%5C%22%3A1594585979591%2C%5C%22domComplete%5C%22%3A1594585979715%2C%5C%22loadEventStart%5C%22%3A1594585979715%2C%5C%22loadEventEnd%5C%22%3A1594585979719%7D%22%7D%27&-pageHeight=8672&-vpHeight=1200&-vpWidth=1600&-behavior=0&-vScrollOffset=6630&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27Azure%20ATP%20reconnaissance%20phase%20security%20alerts%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=true&*isLoggedIn=false&*pageLoadTime=1452&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3D2b9a9f2bdf444b0db4f044c7d3ca19e7%26HASH%3D2b9a%26LV%3D202007%26V%3D4%26LU%3D1594585980091%27&ext-javascript-userConsent=false&ext-user-localId=%27t%3A2FA86A4A46BA6C54096C654F42BA6A07%27&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-reconnaissance-alerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Jul 2020 20:33:00 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: Br1GKmFJC0KhRyP+Vvvq9g.0
Content-Type: application/javascript
Content-Length: 45
Expires: 0

GET
H/1.1

200
OK

7419039
avatars3.githubusercontent.com/u/
Redirect Chain

https://github.com/rkarlin.png?size=32
https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

946 B
2 KB

39ms
39ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/7419039?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

543788070c771e78653ee3be1fcf6849b5b382becb1ce8f17519c76312e00586

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: a8fe35079375ce632b84d844ebc949f38340ea96
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 946
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4063-HHN
Last-Modified: Wed, 09 Sep 2015 08:59:51 GMT
X-GitHub-Request-Id: 459E:7AA8:13217E:168166:5E936470
X-Timer: S1594585980.228823,VS0,VE0
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 7868167
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "42fb906cd1a7d93f482c15ba8ae261e5dd4d038a"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 127
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D892:1844:6221C62:8DE121B:5F0B737C
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars3.githubusercontent.com/u/7419039?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

51323195
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/shsagir.png?size=32
https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

995 B
2 KB

35ms
35ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/51323195?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: e2529e23930d76cc3e8740a33e1b958de920fb56
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 995
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4077-HHN
Last-Modified: Mon, 03 Jun 2019 11:37:45 GMT
X-GitHub-Request-Id: E758:3CDE:2AFB46:3753B8:5D8351FD
X-Timer: S1594585980.297677,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 25698686
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "bd5342d5084d26742c21816a5cbc9a304eb4d875"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D892:1844:6221C82:8DE1247:5F0B737C
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars0.githubusercontent.com/u/51323195?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

GET
H/1.1

200
OK

17304189
avatars0.githubusercontent.com/u/
Redirect Chain

https://github.com/meganbradley.png?size=32
https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

977 B
2 KB

36ms
35ms

Image
image/jpeg

151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/17304189?s=32&v=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

523235a18ee8a542ecb5866c72b6c749d19f4695de81880281687e8a85e407e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.microsoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 6e8f18e4b5643b03fc0660f58cfa5f868e2950dd
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 977
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4079-HHN
Last-Modified: Mon, 14 Mar 2016 17:38:57 GMT
X-GitHub-Request-Id: F7B2:2D64:315A75:3C852D:5E2F0E30
X-Timer: S1594585980.305010,VS0,VE1
X-Frame-Options: deny
Date: Sun, 12 Jul 2020 20:33:00 GMT
Source-Age: 14443852
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Etag: "47d719add5c8ed38ea19d274b2964db746495892"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
Expires: Sun, 12 Jul 2020 20:38:00 GMT

Redirect headers

date: Sun, 12 Jul 2020 20:33:00 GMT
x-content-type-options: nosniff
status: 302 Found
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Length: 128
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: D894:FDA8:5612261:7C6AD0F:5F0B737C
x-frame-options: deny
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
content-type: image/png; charset=utf-8
location: https://avatars0.githubusercontent.com/u/17304189?s=32&v=4
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.microsoft.com/	1970-01-19 20:18:01	Name: MUID Value: 0BF370FB3C106CB529C67FFE3D7B6D1B
docs.microsoft.com/	1970-01-19 19:42:01	Name: MSFPC Value: GUID=2b9a9f2bdf444b0db4f044c7d3ca19e7&HASH=2b9a&LV=202007&V=4&LU=1594585980091
docs.microsoft.com/	1970-01-19 10:56:27	Name: lux_uid Value: 159458597996617933
.microsoft.com/	1970-01-19 10:56:27	Name: MS0 Value: 2e3b69f7c88b495c9babd237f896885b
.microsoft.com/	1970-01-20 04:27:37	Name: _ga Value: GA1.2.1026356446.1594585980
.microsoft.com/	1970-01-19 10:56:26	Name: _gat Value: 1
.microsoft.com/	1970-01-19 10:57:52	Name: _gid Value: GA1.2.1520532116.1594585980
.microsoft.com/	1970-01-19 19:42:01	Name: MC1 Value: GUID=2b9a9f2bdf444b0db4f044c7d3ca19e7&HASH=2b9a&LV=202007&V=4&LU=1594585980091

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
avatars0.githubusercontent.com
avatars1.githubusercontent.com
avatars3.githubusercontent.com
az725175.vo.msecnd.net
azure.microsoft.com
c.bing.com
c1.microsoft.com
cdn.speedcurve.com
docs.microsoft.com
github.com
stats.g.doubleclick.net
w.usabilla.com
web.vortex.data.microsoft.com
www.google-analytics.com
140.82.118.4
151.101.112.133
151.101.114.217
152.199.19.160
23.38.17.26
2620:1ec:21::16
2620:1ec:c11::200
2a00:1450:4001:816::200e
2a00:1450:400c:c04::9d
2a02:26f0:64:585::353e
40.77.226.250
52.142.114.2
99.80.110.198
1369b1c29cb113ffbb4da7ab2e12257f1f27cb3cc3930489721bbd998fcced0d
326d73243c62f6d829c62cced9b195bd837396c06246fc60253ae29766b8734b
3751e56e2f79fb411b42eea466721ec61ffa96a0b22cde5a464cfca9d24b8a59
5095436531e776cecb3a980b76c185e94ad39e43c985ca2681d9b89f0704a2b5
523235a18ee8a542ecb5866c72b6c749d19f4695de81880281687e8a85e407e0
543788070c771e78653ee3be1fcf6849b5b382becb1ce8f17519c76312e00586
61de5667cecbe920246e2c732a8ad280f70e11fb7ced5876f42bd41d384b239c
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
70801bdc5f234f9063d09e2e6bcfa086404056b51ff3478f902d23ef2cf4eca0
762190ee34bfcd24955a3fe5aff6eb3145e5762b0f41242f6349b563421e4340
765dd0039afbeb0c1e2dcddbdaee17f4de2687b1d40a1be94ff401b2ca982dd3
7d3e8e9d05c54aff571ff105976c145b27661ce222919bb88555db6e6df88dd7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8651e79d345871314abcf5450b60ae178cba753a35536ff67c8c6d8d190294ff
87dfb1ba2c53a73de91d69af0b3e1cfd4f21d4fdf2d553e4579873ed79fabf2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b3724bb570b85fcabe6dc497f945cd6eff6c77fea4083e776d1e17b8acd858f1
b931248d538bd6e9f3b74afb1eae9e348b41ee569076d9f852cfb5448b8599b4
c8d7fa8642a382bc9b16c818434501d33ed565e8992d865e58c10d898530f433
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
db8b7053837f82f77ec75728235304ca6508a5277c5640924b602c2a56db3ce4
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923
f4e2dc43eb318299e7ad29c290aad2d51532d6fac7e619c7bb2c1124875bb858
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

docs.microsoft.com Open in urlscan Pro 2a02:26f0:64:585::353e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

29 Requests

100 %HTTPS

38 %IPv6

10 Domains

15 Subdomains

10 IPs

6 Countries

561 kBTransfer

1804 kBSize

8 Cookies

13 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

docs.microsoft.com Open in urlscan Pro
2a02:26f0:64:585::353e Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

15
Subdomains

10
IPs

6
Countries

561 kB
Transfer

1804 kB
Size

8
Cookies

29 HTTP transactions
1 data transactions