docs.microsoft.com
Open in
urlscan Pro
2a02:26f0:1300:1b7::353e
Public Scan
Submission: On August 30 via api from DE
Summary
TLS certificate: Issued by Microsoft IT TLS CA 1 on April 19th 2019. Valid for: 2 years.
This is the only time docs.microsoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a02:26f0:130... 2a02:26f0:1300:1b7::353e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2a02:26f0:10c... 2a02:26f0:10c:381::356e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:10c... 2a02:26f0:10c:383::2b57 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 40.77.226.250 40.77.226.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
16 | 6 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
microsoft.com
docs.microsoft.com uhf.microsoft.com web.vortex.data.microsoft.com |
519 KB |
1 |
s-microsoft.com
c.s-microsoft.com |
2 KB |
1 |
msecnd.net
az725175.vo.msecnd.net |
18 KB |
16 | 3 |
Domain | Requested by | |
---|---|---|
11 | docs.microsoft.com |
docs.microsoft.com
|
2 | web.vortex.data.microsoft.com |
az725175.vo.msecnd.net
|
1 | uhf.microsoft.com |
docs.microsoft.com
|
1 | c.s-microsoft.com |
docs.microsoft.com
|
1 | az725175.vo.msecnd.net |
docs.microsoft.com
|
16 | 5 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
docs.microsoft.com Microsoft IT TLS CA 1 |
2019-04-19 - 2021-04-19 |
2 years | crt.sh |
*.vo.msecnd.net Microsoft IT TLS CA 2 |
2020-03-18 - 2022-03-18 |
2 years | crt.sh |
www.microsoft.com Microsoft IT TLS CA 5 |
2019-10-21 - 2021-10-21 |
2 years | crt.sh |
unistore.www.microsoft.com Microsoft IT TLS CA 5 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.vortex.data.microsoft.com Microsoft IT TLS CA 4 |
2020-01-21 - 2022-01-21 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Frame ID: CFAC50D379D7409D5E6A3378E6E6D2CD
Requests: 17 HTTP requests in this frame
28 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Edit
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: ATA Auditing (AuditPol, Advanced Audit Settings Enforcement, Lightweight Gateway Service discovery)
Search URL Search Domain Scan URL
Title: the scanner written by the ATA team
Search URL Search Domain Scan URL
Title: Skeleton Key Malware Analysis
Search URL Search Domain Scan URL
Title: Pass the hash recommendations
Search URL Search Domain Scan URL
Title: KRBTGT Account Password Reset Scripts now available for customers
Search URL Search Domain Scan URL
Title: https://gallery.technet.microsoft.com/Reset-the-krbtgt-account-581a9e51
Search URL Search Domain Scan URL
Title: KB3011780
Search URL Search Domain Scan URL
Title: SAMRi10 tool
Search URL Search Domain Scan URL
Title: Net Cease tool
Search URL Search Domain Scan URL
Title: this scanner
Search URL Search Domain Scan URL
Title: Disable SMBv1
Search URL Search Domain Scan URL
Title: Remove WannaCry
Search URL Search Domain Scan URL
Title: Wanna Cry Ransomware
Search URL Search Domain Scan URL
Title: Joining the security community
Search URL Search Domain Scan URL
Title: ATA suspicious activity playbook
Search URL Search Domain Scan URL
Title: Check out the ATA forum!
Search URL Search Domain Scan URL
Title: This product
Search URL Search Domain Scan URL
Title: This page
Search URL Search Domain Scan URL
Title: View all page feedback
Search URL Search Domain Scan URL
Title: Privacy & Cookies
Search URL Search Domain Scan URL
Title: Site Feedback
Search URL Search Domain Scan URL
Title: Trademarks
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
suspicious-activity-guide
docs.microsoft.com/en-us/advanced-threat-analytics/ |
81 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ef3a64fe.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
395 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2e5ce4ab.conceptual.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7501e2bd.index-polyfills.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
74e2026a.index-docs.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ |
1 MB 267 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toc.json
docs.microsoft.com/en-us/advanced-threat-analytics/ |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toc.json
docs.microsoft.com/en-us/advanced-threat-analytics/bread/ |
767 B 1008 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jsll-4.js
az725175.vo.msecnd.net/scripts/ |
54 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookieConsent
docs.microsoft.com/api/privacy/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
docons.cdaef1a8.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
11 KB 11 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SegoeUI-Roman-VF_web.woff2
docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ |
116 KB 116 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ |
27 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mscc-0.4.2.min.js
c.s-microsoft.com/mscc/statics/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_log
uhf.microsoft.com/ |
0 128 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
281 B 966 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
45 B 407 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| msDocs function| applyFocusVisiblePolyfill object| litHtmlVersions function| setTheme object| awa string| behaviorKey object| mscc3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
docs.microsoft.com/ | Name: MSFPC Value: GUID=143a3dda63e546eaa9824a06ef1d3694&HASH=143a&LV=202008&V=4&LU=1598784376061 |
|
.microsoft.com/ | Name: MS0 Value: 692f99e9252447b581271f7a7e1e5717 |
|
.microsoft.com/ | Name: MC1 Value: GUID=143a3dda63e546eaa9824a06ef1d3694&HASH=143a&LV=202008&V=4&LU=1598784376061 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az725175.vo.msecnd.net
c.s-microsoft.com
docs.microsoft.com
uhf.microsoft.com
web.vortex.data.microsoft.com
152.199.19.160
2a02:26f0:10c:381::356e
2a02:26f0:10c:383::2b57
2a02:26f0:1300:1b7::353e
40.77.226.250
035f5030c7f66f42b2845387c75b8fb8e95578e9a705131d863db8b6d11c9d0a
0ee976a86774e174326769d8fdce5f175dda9e9e469564d0dd6ea621066b9516
1a7b80a116b9b25059e2d3289d079153cfa594c18e124e7c75d2db915b0fda67
1fabd1b18bc7499ff4c5de2038beee214b7590fe1ec76d40703284cd588a5f33
3ee2889eae3bde597280f041de24909e4254a98757a112de9002d433c584c2a0
42419d750686457fbb761b531ad77bfb90397978a6e89857f09717c35e75b776
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
65d28f0f7be994e5c3fba6d7ccce77a5b90a44d5df3cf12185dc07762d1e0678
7d3e8e9d05c54aff571ff105976c145b27661ce222919bb88555db6e6df88dd7
89fb6acb008be25fd303881c584a4c80005f1dc65d3d4338d0ecb723490b8a31
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
ce4fabd95151b4a79fcc7c58dacbbce5c25ada8ad5be0e6be00a77f871de8e09
d2c0f9a966d195d28b0218f4a5a8fcd71bf36ea223cae79e40b828dd8457e390
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923