learn.microsoft.com
Open in
urlscan Pro
96.16.156.108
Public Scan
Effective URL: https://learn.microsoft.com/en-us/defender-for-identity/domain-dominance-alerts
Submission: On November 19 via api from US — Scanned from SE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on September 2nd 2022. Valid for: a year.
This is the only time learn.microsoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 92.122.38.31 92.122.38.31 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 9 | 96.16.156.108 96.16.156.108 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 13.107.219.44 13.107.219.44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 3 |
ASN16625 (AKAMAI-AS, US)
PTR: a92-122-38-31.deploy.static.akamaitechnologies.com
aka.ms |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-156-108.deploy.static.akamaitechnologies.com
learn.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com | |
js.monitor.azure.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
microsoft.com
2 redirects
learn.microsoft.com — Cisco Umbrella Rank: 10913 wcpstatic.microsoft.com — Cisco Umbrella Rank: 5112 |
873 KB |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1654 |
61 KB |
1 |
aka.ms
1 redirects
aka.ms — Cisco Umbrella Rank: 6733 |
552 B |
9 | 3 |
Domain | Requested by | |
---|---|---|
9 | learn.microsoft.com |
2 redirects
learn.microsoft.com
|
1 | js.monitor.azure.com |
learn.microsoft.com
|
1 | wcpstatic.microsoft.com |
learn.microsoft.com
|
1 | aka.ms | 1 redirects |
9 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
www.microsoft.com |
github.com |
attack.mitre.org |
support.microsoft.com |
www.virusbulletin.com |
aka.ms |
techcommunity.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
learn.microsoft.com Microsoft Azure TLS Issuing CA 05 |
2022-09-02 - 2023-08-28 |
a year | crt.sh |
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-10 - 2023-03-10 |
a year | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01 |
2022-09-24 - 2023-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://learn.microsoft.com/en-us/defender-for-identity/domain-dominance-alerts
Frame ID: F37803EE327C5112D688B69056F56D74
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Microsoft Defender for Identity domain dominance security alerts | Microsoft LearnPage URL History Show full URLs
-
https://aka.ms/atasaguide-remotexe
HTTP 301
https://learn.microsoft.com/en-us/azure-advanced-threat-protection/atp-domain-dominance-alerts HTTP 301
https://learn.microsoft.com/en-us/defender-for-identity/atp-domain-dominance-alerts HTTP 301
https://learn.microsoft.com/en-us/defender-for-identity/domain-dominance-alerts Page URL
Page Statistics
37 Outgoing links
These are links going to different origins than the main page.
Title: Download Microsoft Edge
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Credential Access (TA0006)
Search URL Search Domain Scan URL
Title: Credentials from Password Stores (T1555)
Search URL Search Domain Scan URL
Title: Execution (TA0002)
Search URL Search Domain Scan URL
Title: Lateral Movement (TA0008)
Search URL Search Domain Scan URL
Title: Command and Scripting Interpreter (T1059)
Search URL Search Domain Scan URL
Title: Remote Services (T1021)
Search URL Search Domain Scan URL
Title: PowerShell (T1059.001)
Search URL Search Domain Scan URL
Title: Windows Remote Management (T1021.006)
Search URL Search Domain Scan URL
Title: Defense Evasion (TA0005)
Search URL Search Domain Scan URL
Title: Rogue Domain Controller (T1207)
Search URL Search Domain Scan URL
Title: Persistence (TA0003)
Search URL Search Domain Scan URL
Title: OS Credential Dumping (T1003)
Search URL Search Domain Scan URL
Title: DCSync (T1003.006)
Search URL Search Domain Scan URL
Title: Privilege Escalation (TA0004)
Search URL Search Domain Scan URL
Title: Steal or Forge Kerberos Tickets (T1558)
Search URL Search Domain Scan URL
Title: Golden Ticket(T1558.001)
Search URL Search Domain Scan URL
Title: KB3011780
Search URL Search Domain Scan URL
Title: KB2496930
Search URL Search Domain Scan URL
Title: Exploitation for Privilege Escalation (T1068)
Search URL Search Domain Scan URL
Title: Exploitation of Remote Services (T1210)
Search URL Search Domain Scan URL
Title: Modify Authentication Process (T1556)
Search URL Search Domain Scan URL
Title: Domain Controller Authentication (T1556.001)
Search URL Search Domain Scan URL
Title: Skeleton Key Malware Analysis
Search URL Search Domain Scan URL
Title: Account Manipulation (T1098)
Search URL Search Domain Scan URL
Title: Domain Policy Modification (T1484)
Search URL Search Domain Scan URL
Title: System Services (T1569)
Search URL Search Domain Scan URL
Title: Create or Modify System Process (T1543)
Search URL Search Domain Scan URL
Title: Service Execution (T1569.002)
Search URL Search Domain Scan URL
Title: Windows Service (T1543.003)
Search URL Search Domain Scan URL
Title: Check out the Defender for Identity forum!
Search URL Search Domain Scan URL
Title: View all page feedback
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Trademarks
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://aka.ms/atasaguide-remotexe
HTTP 301
https://learn.microsoft.com/en-us/azure-advanced-threat-protection/atp-domain-dominance-alerts HTTP 301
https://learn.microsoft.com/en-us/defender-for-identity/atp-domain-dominance-alerts HTTP 301
https://learn.microsoft.com/en-us/defender-for-identity/domain-dominance-alerts Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
domain-dominance-alerts
learn.microsoft.com/en-us/defender-for-identity/ Redirect Chain
|
106 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c7fd2cab.site-ltr.css
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
467 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ |
273 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ |
179 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
67a45209.deprecation.js
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/global/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9f64cd40.index-docs.js
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/ |
2 MB 534 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
docons.3b80f48c.woff2
learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SegoeUI-Roman-VF_web.woff2
learn.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/ |
116 KB 117 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
195 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
learn.microsoft.com/static/third-party/SegoeUI/5.32/west-european/italic/ |
27 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| msDocs function| WcpConsent function| mscc object| e function| t object| oneDS object| __dynProto$Gbl object| awa function| FormBehaviorElement function| applyFocusVisiblePolyfill object| litHtmlVersions3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
learn.microsoft.com/en-us/defender-for-identity | Name: original_req_url Value: https://learn.microsoft.com/en-us/defender-for-identity/atp-domain-dominance-alerts |
|
.learn.microsoft.com/ | Name: ARRAffinity Value: abf1036e2f3790403ac58f08d1b47435658b34cce752f94ea35941d932846147 |
|
.learn.microsoft.com/ | Name: ARRAffinitySameSite Value: abf1036e2f3790403ac58f08d1b47435658b34cce752f94ea35941d932846147 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aka.ms
js.monitor.azure.com
learn.microsoft.com
wcpstatic.microsoft.com
13.107.219.44
92.122.38.31
96.16.156.108
559d4172dbbc5ac3f56b73c4a73cbbc568efb08b200550712606a97a8d00a1ac
63c12051016796d92bcf4bc20b4881057475e6dfa4937c29c9e16054814ab47d
71414a367ddc039e009f7e89dc5dd8a572ebf99808ee6701c8c2d3818bdcfcb8
947b186f39b4476a0f4b1f49c9a03d252d14b6eb61215f93e0af0693abc51790
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03
dc38ba12c4c74a9b7f56f1f6c64efcec67ed0ec2e9a258e15eb0d3f35198c40a
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
f04dab0bb68ba42fedc45afc9d54dbdebd645d508925ac44314b578656bdaa59
f8ae8a1dc7ce7877b9fb9299183d2ebb3befad0b6489ae785d99047ec2eb92d1