URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Submission: On August 30 via api from DE

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2a02:26f0:1300:1b7::353e, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is docs.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on April 19th 2019. Valid for: 2 years.
This is the only time docs.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a02:26f0:130... 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 40.77.226.250 8075 (MICROSOFT...)
16 6
Domain Requested by
11 docs.microsoft.com docs.microsoft.com
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
1 uhf.microsoft.com docs.microsoft.com
1 c.s-microsoft.com docs.microsoft.com
1 az725175.vo.msecnd.net docs.microsoft.com
16 5
Subject Issuer Validity Valid
docs.microsoft.com
Microsoft IT TLS CA 1
2019-04-19 -
2021-04-19
2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2020-03-18 -
2022-03-18
2 years crt.sh
www.microsoft.com
Microsoft IT TLS CA 5
2019-10-21 -
2021-10-21
2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5
2019-04-30 -
2021-04-30
2 years crt.sh
*.vortex.data.microsoft.com
Microsoft IT TLS CA 4
2020-01-21 -
2022-01-21
2 years crt.sh

This page contains 1 frames:

Primary Page: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Frame ID: CFAC50D379D7409D5E6A3378E6E6D2CD
Requests: 17 HTTP requests in this frame

Screenshot


Page Statistics

16
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

3
Countries

539 kB
Transfer

1838 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request suspicious-activity-guide
docs.microsoft.com/en-us/advanced-threat-analytics/
81 KB
27 KB
Document
General
Full URL
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
89fb6acb008be25fd303881c584a4c80005f1dc65d3d4338d0ecb723490b8a31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.microsoft.com
:scheme
https
:path
/en-us/advanced-threat-analytics/suspicious-activity-guide
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
etag
"IE1V5JVzJaES4QJXWHxMO5tk8ijBg2SbnRnVQTMFQ0k="
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
x-datacenter
wus
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-rendering-stack
Dynamic
content-type
text/html
content-encoding
gzip
vary
Accept-Encoding
content-length
27043
cache-control
public, max-age=600
expires
Sun, 30 Aug 2020 10:56:15 GMT
date
Sun, 30 Aug 2020 10:46:15 GMT
akamai-cache-status
Miss from child, RefreshHit from parent
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
ef3a64fe.site-ltr.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/
395 KB
56 KB
Stylesheet
General
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
0ee976a86774e174326769d8fdce5f175dda9e9e469564d0dd6ea621066b9516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
56464
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 27 Aug 2020 19:11:53 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
text/css
cache-control
max-age=375864
etag
"0x8D84ABD0F452392"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Thu, 03 Sep 2020 19:10:39 GMT
2e5ce4ab.conceptual.css
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/
3 KB
2 KB
Stylesheet
General
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/2e5ce4ab.conceptual.css
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
3ee2889eae3bde597280f041de24909e4254a98757a112de9002d433c584c2a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
1109
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Fri, 28 Aug 2020 18:58:32 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
text/css
cache-control
max-age=462075
etag
"0x8D84B845C553790"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Fri, 04 Sep 2020 19:07:30 GMT
7501e2bd.index-polyfills.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/
21 KB
6 KB
Script
General
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/7501e2bd.index-polyfills.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
1fabd1b18bc7499ff4c5de2038beee214b7590fe1ec76d40703284cd588a5f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
5791
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 24 Aug 2020 20:49:46 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/javascript
cache-control
max-age=307704
etag
"0x8D8486F3C2D7B09"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Thu, 03 Sep 2020 00:14:39 GMT
74e2026a.index-docs.js
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/
1 MB
267 KB
Script
General
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
035f5030c7f66f42b2845387c75b8fb8e95578e9a705131d863db8b6d11c9d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
272214
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Fri, 28 Aug 2020 18:58:32 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/javascript
cache-control
max-age=461505
etag
"0x8D84B845C518D64"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Fri, 04 Sep 2020 18:58:00 GMT
toc.json
docs.microsoft.com/en-us/advanced-threat-analytics/
5 KB
2 KB
Fetch
General
Full URL
https://docs.microsoft.com/en-us/advanced-threat-analytics/toc.json
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
1a7b80a116b9b25059e2d3289d079153cfa594c18e124e7c75d2db915b0fda67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
1611
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Sun, 05 Apr 2020 07:35:55 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/json
cache-control
public, max-age=202
etag
"0x8D7D933F9BAE991"
akamai-cache-status
RefreshHit from child, RefreshHit from parent
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Sun, 30 Aug 2020 10:49:37 GMT
toc.json
docs.microsoft.com/en-us/advanced-threat-analytics/bread/
767 B
1008 B
Fetch
General
Full URL
https://docs.microsoft.com/en-us/advanced-threat-analytics/bread/toc.json
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ce4fabd95151b4a79fcc7c58dacbbce5c25ada8ad5be0e6be00a77f871de8e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
379
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Tue, 14 Jul 2020 11:58:34 GMT
x-datacenter
wus
x-frame-options
SAMEORIGIN
date
Sun, 30 Aug 2020 10:46:15 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/json
cache-control
public, max-age=199
etag
"0x8D827ED3C1C5C3D"
akamai-cache-status
RefreshHit from child, RefreshHit from parent
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Sun, 30 Aug 2020 10:49:34 GMT
jsll-4.js
az725175.vo.msecnd.net/scripts/
54 KB
18 KB
Script
General
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (waw/0539) /
Resource Hash
e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Aug 2020 10:46:15 GMT
content-encoding
gzip
content-md5
Dy7dMa7nsOSUbofNz/X23A==
age
147
x-cache
HIT
status
200
content-length
18058
x-ms-lease-status
unlocked
last-modified
Thu, 14 Mar 2019 00:43:49 GMT
server
ECAcc (waw/0539)
etag
0x8D6A8161FD3B925
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
x-ms-request-id
95c374e0-201e-0039-58ba-7e8f8f000000
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
cookieConsent
docs.microsoft.com/api/privacy/
1 KB
1 KB
Fetch
General
Full URL
https://docs.microsoft.com/api/privacy/cookieConsent
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
42419d750686457fbb761b531ad77bfb90397978a6e89857f09717c35e75b776
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 10:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/json; charset=utf-8
status
200
cache-control
private, max-age=86400
akamai-cache-status
Miss from child
content-length
832
request-context
appId=cid-v1:7fb2a082-1cb3-466c-9ec8-b99b10ef1f7c
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d3e8e9d05c54aff571ff105976c145b27661ce222919bb88555db6e6df88dd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
docons.cdaef1a8.woff2
docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/
11 KB
11 KB
Font
General
Full URL
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.cdaef1a8.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d2c0f9a966d195d28b0218f4a5a8fcd71bf36ea223cae79e40b828dd8457e390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
10924
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Fri, 28 Aug 2020 18:58:33 GMT
x-datacenter
wus
date
Sun, 30 Aug 2020 10:46:15 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/font-woff2
cache-control
max-age=468789
etag
"0x8D84B845C745DDF"
akamai-cache-status
Hit from child
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Fri, 04 Sep 2020 20:59:24 GMT
SegoeUI-Roman-VF_web.woff2
docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/
116 KB
116 KB
Font
General
Full URL
https://docs.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/SegoeUI-Roman-VF_web.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=15768000 ; includeSubDomains
etag
0x8D7D0D9DD3E1C3B
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5
vKlyGNyjyxXOAoTLy0UokA==
status
200
content-length
118288
x-ms-lease-status
unlocked
last-modified
Wed, 25 Mar 2020 16:30:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date
Sun, 30 Aug 2020 10:46:15 GMT
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7bba6e55-c01e-0039-788f-308f36000000
cache-control
max-age=22941208
x-ms-version
2009-09-19
akamai-cache-status
Hit from child
expires
Sat, 22 May 2021 23:19:43 GMT
latest.woff2
docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/
27 KB
28 KB
Font
General
Full URL
https://docs.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/latest.woff2
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1300:1b7::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Origin
https://docs.microsoft.com
Referer
https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ef3a64fe.site-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=15768000 ; includeSubDomains
etag
0x8D81ECF72818A4F
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-md5
KDXuKBsHfKiscoVwIAfIlA==
status
200
content-length
27624
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 21:32:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date
Sun, 30 Aug 2020 10:46:15 GMT
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
438fdc9e-b01e-003d-1af0-537ab4000000
cache-control
max-age=26831035
x-ms-version
2009-09-19
akamai-cache-status
Hit from child
expires
Tue, 06 Jul 2021 23:50:10 GMT
mscc-0.4.2.min.js
c.s-microsoft.com/mscc/statics/
4 KB
2 KB
Script
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/74e2026a.index-docs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:381::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 30 Aug 2020 10:46:15 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
content-md5
AO6kLOW8s6NiicKEPl74tA==
status
200
etag
0x8D795E59EC908A0
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c301cbc5-701e-00d5-7dfc-c75b45000000
x-ms-version
2009-09-19
content-length
2017
_log
uhf.microsoft.com/
0
128 B
Image
General
Full URL
https://uhf.microsoft.com/_log?o=mscc&s=docs.microsoft.com&m=show&nv=netcore-3.2.1&sv=0.1.3
Requested by
Host: docs.microsoft.com
URL: https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Aug 2020 10:46:15 GMT
status
204
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Sun, 30 Aug 2020 10:46:15 GMT
t.js
web.vortex.data.microsoft.com/collect/v1/
281 B
966 B
Script
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272020-08-30T10%3A46%3A15.827Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%27d24bea2f-8ac4-4a9f-9b87-3e487800393a%27&-pageName=%270300af32-7568-5553-e183-e15e490456a3%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fadvanced-threat-analytics%2Fsuspicious-activity-guide%27&-market=%27en-us%27&-pageType=%27conceptual%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22Azure.ATADocs%22%2C%22document_version_independent_id%22%3A%2247bfec66-9a46-c09e-f8f7-f4b49aed56bb%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2F7a0889ce1e186682761c6eced827c489bb2d22d7%2FATADocs%2Fsuspicious-activity-guide.md%22%2C%22manager%22%3A%22shsagir%22%2C%22asst%22%3A%221fe5fd6f-1b79-4a25-8051-2f94ff6c71c1%22%2C%22pgauth%22%3A%22shsagir%22%2C%22date%22%3A%2204%2F03%2F2019%22%2C%22product%22%3A%22advanced-threat-analytics%22%2C%22reviewer%22%3A%22bennyl%22%2C%22suite%22%3A%22ems%22%2C%22technology%22%3A%22%22%2C%22pgtop%22%3A%22conceptual%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATADocs%2Fsuspicious-activity-guide.md%22%2C%22publishtime%22%3A%222020-08-27%2002%3A07%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27ATA%20suspicious%20activity%20guide%20%7C%20Microsoft%20Docs%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65d28f0f7be994e5c3fba6d7ccce77a5b90a44d5df3cf12185dc07762d1e0678
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Aug 2020 10:46:15 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
Ni+22/tj1UC7VEE3R3qkwg.0
Content-Type
application/javascript
Content-Length
281
Expires
0
t.js
web.vortex.data.microsoft.com/collect/v1/
45 B
407 B
Script
General
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.ContentUpdate%27&time=%272020-08-30T10%3A46%3A16.131Z%27&os=%27MacOS%27&appId=%27JS%3ADocs%27&-ver=%271.0%27&-impressionGuid=%27d24bea2f-8ac4-4a9f-9b87-3e487800393a%27&-pageName=%270300af32-7568-5553-e183-e15e490456a3%27&-uri=%27https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fadvanced-threat-analytics%2Fsuspicious-activity-guide%27&-market=%27en-us%27&-pageTags=%27%7B%22author%22%3A%22shsagir%22%2C%22depotname%22%3A%22Azure.ATADocs%22%2C%22document_version_independent_id%22%3A%2247bfec66-9a46-c09e-f8f7-f4b49aed56bb%22%2C%22gitcommit%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2F7a0889ce1e186682761c6eced827c489bb2d22d7%2FATADocs%2Fsuspicious-activity-guide.md%22%2C%22manager%22%3A%22shsagir%22%2C%22asst%22%3A%221fe5fd6f-1b79-4a25-8051-2f94ff6c71c1%22%2C%22pgauth%22%3A%22shsagir%22%2C%22date%22%3A%2204%2F03%2F2019%22%2C%22product%22%3A%22advanced-threat-analytics%22%2C%22reviewer%22%3A%22bennyl%22%2C%22suite%22%3A%22ems%22%2C%22technology%22%3A%22%22%2C%22pgtop%22%3A%22conceptual%22%2C%22giturl%22%3A%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2FATADocs-pr%2Fblob%2Flive%2FATADocs%2Fsuspicious-activity-guide.md%22%2C%22publishtime%22%3A%222020-08-27%2002%3A07%20PM%22%2C%22contentlocale%22%3A%22en-us%22%2C%22highContrast%22%3A%22false%22%2C%22metaTags%22%3A%7B%7D%2C%22timing%22%3A%22%7B%5C%22first-paint%5C%22%3A672.0949988812208%2C%5C%22first-contentful-paint%5C%22%3A672.0949988812208%2C%5C%22navigationStart%5C%22%3A1598784375060%2C%5C%22unloadEventStart%5C%22%3A0%2C%5C%22unloadEventEnd%5C%22%3A0%2C%5C%22redirectStart%5C%22%3A0%2C%5C%22redirectEnd%5C%22%3A0%2C%5C%22fetchStart%5C%22%3A1598784375060%2C%5C%22domainLookupStart%5C%22%3A1598784375061%2C%5C%22domainLookupEnd%5C%22%3A1598784375063%2C%5C%22connectStart%5C%22%3A1598784375063%2C%5C%22connectEnd%5C%22%3A1598784375081%2C%5C%22secureConnectionStart%5C%22%3A1598784375068%2C%5C%22requestStart%5C%22%3A1598784375081%2C%5C%22responseStart%5C%22%3A1598784375377%2C%5C%22responseEnd%5C%22%3A1598784375383%2C%5C%22domLoading%5C%22%3A1598784375381%2C%5C%22domInteractive%5C%22%3A1598784375508%2C%5C%22domContentLoadedEventStart%5C%22%3A1598784375508%2C%5C%22domContentLoadedEventEnd%5C%22%3A1598784375712%2C%5C%22domComplete%5C%22%3A1598784376106%2C%5C%22loadEventStart%5C%22%3A1598784376106%2C%5C%22loadEventEnd%5C%22%3A1598784376107%7D%22%7D%27&-pageHeight=17213&-vpHeight=1200&-vpWidth=1600&-behavior=0&-vScrollOffset=0&-hScrollOffset=0&-contentVer=%272.0%27&-content=%27%5B%5D%27&*baseType=%27Ms.Content.ContentUpdate%27&*title=%27ATA%20suspicious%20activity%20guide%20%7C%20Microsoft%20Docs%27&*cookieEnabled=true&*isJs=true&*isDomComplete=true&*isLoggedIn=false&*pageLoadTime=1046&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.14%27&ext-javascript-domain=%27docs.microsoft.com%27&ext-javascript-msfpc=%27GUID%3D143a3dda63e546eaa9824a06ef1d3694%26HASH%3D143a%26LV%3D202008%26V%3D4%26LU%3D1598784376061%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Aug 2020 10:46:15 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
cIh1MATDfk+FnTdWP/FPDg.0
Content-Type
application/javascript
Content-Length
45
Expires
0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| msDocs function| applyFocusVisiblePolyfill object| litHtmlVersions function| setTheme object| awa string| behaviorKey object| mscc

3 Cookies

Domain/Path Name / Value
docs.microsoft.com/ Name: MSFPC
Value: GUID=143a3dda63e546eaa9824a06ef1d3694&HASH=143a&LV=202008&V=4&LU=1598784376061
.microsoft.com/ Name: MS0
Value: 692f99e9252447b581271f7a7e1e5717
.microsoft.com/ Name: MC1
Value: GUID=143a3dda63e546eaa9824a06ef1d3694&HASH=143a&LV=202008&V=4&LU=1598784376061

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block