urlscan.io logo urlscan.io
SecurityTrails logo

o365blog.com Open in urlscan Pro
185.199.108.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://o365blog.com/aadinternals/#hack-functions-pass-through-authentication-pta
Effective URL: https://o365blog.com/aadinternals/
Submission: On November 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is o365blog.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 2nd 2020. Valid for: 3 months.
This is the only time o365blog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    185.199.108.153 (United States)

ASN54113 (FASTLY, US)
o365blog.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
o365blog-com.disqus.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)
c.disquscdn.com
2    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    65.9.86.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
cdn.viglink.com
4    151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
links.services.disqus.com
Domain Requested by
10 o365blog.com o365blog.com
4 links.services.disqus.com c.disquscdn.com
4 c.disquscdn.com o365blog-com.disqus.com
2 cdn.viglink.com
2 disqus.com o365blog-com.disqus.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com o365blog.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com o365blog.com
maxcdn.bootstrapcdn.com
1 o365blog-com.disqus.com o365blog.com
1 fonts.googleapis.com o365blog.com
30 10
Subject Issuer Validity Valid
o365blog.com
Let's Encrypt Authority X3		 2020-10-02 -
2020-12-31		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-15 -
2021-08-15		 a year crt.sh
viglink.com
Amazon		 2020-01-10 -
2021-02-10		 a year crt.sh
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2018-08-30 -
2020-12-02		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://o365blog.com/aadinternals/
Frame ID: 1D7F3759931DBC5AE46B2B09CBC3596C
Requests: 29 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=o365blog-com&t_u=https%3A%2F%2Fo365blog.com%2Faadinternals%2F&t_d=AAD%20Internals&t_t=AAD%20Internals&s_o=default
Frame ID: D0C77943E42318D87D49E62A9753ED49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

30
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

10
Subdomains

11
IPs

3
Countries

567 kB
Transfer

729 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
o365blog.com/aadinternals/ 		286 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
6ec8bfe4b75f29efb09ff0ad4cbbbd9d7d1c0cf98f9650f80146b0cf0ea6923f

Request headers

:method
GET
:authority
o365blog.com
:scheme
https
:path
/aadinternals/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
server
GitHub.com
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
etag
W/"5fb66cf6-4783d"
access-control-allow-origin
*
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
5422:20F2:56BCEB:5C1916:5FB906E5
accept-ranges
bytes
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-served-by
cache-cdg20728-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1605961445.212691,VS0,VE109
vary
Accept-Encoding
x-fastly-request-id
0cc10d0d2a189734670b4f8903df0b296651a63e
content-length
54157
css
fonts.googleapis.com/ 		6 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cc3e302240913c8c2351345099477787aa52d3226f8478404451497c712f1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 21 Nov 2020 12:19:51 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sat, 21 Nov 2020 12:24:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 21 Nov 2020 12:24:05 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6241
style.css
o365blog.com/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://o365blog.com/css/style.css
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
013349776470b75af65dd5df5c90f912240d60384ab7a9c44e218e526f5e07f6

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
90b6243f26c2e078ce75f4ca04426ffab07d40ad
date
Sat, 21 Nov 2020 12:24:05 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
4983
x-served-by
cache-cdg20728-CDG
access-control-allow-origin
*
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
1654:A432:5957C9:5EDB37:5FB906E5
x-timer
S1605961445.358196,VS0,VE99
etag
W/"5fb66cf6-5212"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
scripts.js
o365blog.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://o365blog.com/js/scripts.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9300c5d77122bc84923ec654e3ff94c0e49e7ce0a983da5f4ef46ffb1a76db21

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
c3cb9a721d47c77ed2f93286dd97859e72c1874f
date
Sat, 21 Nov 2020 12:24:05 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
2350
x-served-by
cache-cdg20728-CDG
access-control-allow-origin
*
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
0A12:E8F2:4EC963:53ABC1:5FB906E5
x-timer
S1605961445.358136,VS0,VE98
etag
W/"5fb66cf6-19af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
tools.js
o365blog.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://o365blog.com/js/tools.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
819f0cd62ecd0c4b0200ec6454b0766be28a5bd830b49f4b3a34efaad041c262

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
b94d556936506dca684d4d5d16872c9e500fa252
date
Sat, 21 Nov 2020 12:24:05 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
1398
x-served-by
cache-cdg20728-CDG
access-control-allow-origin
*
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
64F6:E998:4F315C:5421E5:5FB906E5
x-timer
S1605961445.358086,VS0,VE98
etag
W/"5fb66cf6-fc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2081
date
Sat, 21 Nov 2020 11:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 21 Nov 2020 13:49:24 GMT
favicon-96x96.png
o365blog.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/favicon-96x96.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e124fe1b3a5e21095e4c0e828938c8467773b3eb0274b0d865146a3861622e10

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
a4301baede8df7b2388d1bf57c9e7b9213c18971
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
4317
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
E1DE:81B5:8DD29:9AE08:5FB906E4
x-timer
S1605961445.488343,VS0,VE97
etag
"5fb66cf6-10dd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Sat, 21 Nov 2020 12:34:05 GMT
aadint01.png
o365blog.com/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/aadint01.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b2cef31d0248e55f4e13927ad9e2b411a4e3118dd81017c6fe41c824623cc47a

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
d41a9042f6ce09a884c476eacc8b8b97d449ff0f
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
31703
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
57FA:F306:57A485:5D108A:5FB906E5
x-timer
S1605961445.488299,VS0,VE95
etag
"5fb66cf6-7bd7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://o365blog.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:20:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
349407
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:20:38 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://o365blog.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
522209
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Mon, 15 Nov 2021 11:20:36 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://o365blog.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
66632
phishing_11.png
o365blog.com/images/posts/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/posts/phishing_11.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7bbb03b771ea226309b4f45f358cf8043bef439f1b5ff10c35a0de1cb1d52cdf

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
44fb5875bad657034a8172428bece37d6bf422af
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
32757
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
E1F2:E8F0:151FC4:16AA72:5FB906E6
x-timer
S1605961446.616422,VS0,VE105
etag
"5fb66cf6-7ff5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
phishing_12.png
o365blog.com/images/posts/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/posts/phishing_12.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c0da08b4bb82a82c234f63d4b79ef6cafbcf8a1a18dfdaca9c9a42c5159e2848

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
059b29c5e1d5819810f6146af351c41092a36225
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
12843
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
A8B2:12E9A:4F4226:542732:5FB906E5
x-timer
S1605961446.616400,VS0,VE96
etag
"5fb66cf6-322b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sat, 21 Nov 2020 12:34:05 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
tags.png
o365blog.com/images/ 		497 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/tags.png
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c3131355e1eeb5e99fe72db43a3831db3062b1e247e767b340f73fa3194f8675

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
81a4132d1d98b28e295e4851f3d8f9a087bb29f7
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
497
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
7CF6:9C21:DC11:13382:5FB906E5
x-timer
S1605961446.616383,VS0,VE97
etag
"5fb66cf6-1f1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Sat, 21 Nov 2020 12:34:05 GMT
nestori.jpg
o365blog.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o365blog.com/images/nestori.jpg
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9b26fe68c8b11ec876de9e06dfd012299df1e99c2a1013031036834fc5e15125

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
bc3612c0122ad8adf4eb1183492d584f1bea2ef0
date
Sat, 21 Nov 2020 12:24:05 GMT
via
1.1 varnish
age
0
x-cache
MISS
x-cache-hits
0
content-length
22093
x-served-by
cache-cdg20728-CDG
last-modified
Thu, 19 Nov 2020 13:02:46 GMT
server
GitHub.com
x-github-request-id
6402:20F2:56BCFC:5C18E1:5FB906E4
x-timer
S1605961446.616387,VS0,VE97
etag
"5fb66cf6-564d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Sat, 21 Nov 2020 12:34:05 GMT
embed.js
o365blog-com.disqus.com/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://o365blog-com.disqus.com/embed.js
Requested by
Host: o365blog.com
URL: https://o365blog.com/aadinternals/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
6def870a4ded644ef4f64abbad437d12cc1ed75d8ba86e851fec9a3912163bfa
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 21 Nov 2020 12:24:06 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
23293
collect
www.google-analytics.com/j/ 		2 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1799591772&t=pageview&_s=1&dl=https%3A%2F%2Fo365blog.com%2Faadinternals%2F&ul=en-us&de=UTF-8&dt=AAD%20Internals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1819148336&gjid=546022735&cid=1412933848.1605961446&tid=UA-61454000-4&_gid=286936193.1605961446&_r=1&_slc=1&z=2062845190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Nov 2020 12:24:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o365blog.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 		0
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
137017
strict-transport-security
max-age=300; includeSubdomains
content-length
22655
cf-request-id
068c5c0b0f000005d4b0342000000001
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 22:06:27 GMT
server
cloudflare
etag
"5fb6ec63-587f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
5f5a62be7ef005d4-FRA
x-amz-cf-id
U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires
Fri, 19 Nov 2021 22:20:27 GMT
common.bundle.ac3bde1f6afb3a5913b7d94c8f7efe0c.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ac3bde1f6afb3a5913b7d94c8f7efe0c.js
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
137017
strict-transport-security
max-age=300; includeSubdomains
content-length
94785
cf-request-id
068c5c0b10000005d4c7b57000000001
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 22:06:27 GMT
server
cloudflare
etag
"5fb6ec63-17241"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
5f5a62be7ef505d4-FRA
x-amz-cf-id
kBgV4R6bqUaKMaz2Gu_zNgkWlPR0N9YElf59kJWObZayXQ6Y1BBuog==
expires
Fri, 19 Nov 2021 22:20:27 GMT
lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 		0
114 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
60820
strict-transport-security
max-age=300; includeSubdomains
content-length
116379
cf-request-id
068c5c0b10000005d4cda87000000001
timing-allow-origin
*
last-modified
Fri, 20 Nov 2020 19:08:20 GMT
server
cloudflare
etag
"5fb81424-1c69b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C1
accept-ranges
bytes
cf-ray
5f5a62be7ef805d4-FRA
x-amz-cf-id
yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires
Sat, 20 Nov 2021 19:30:24 GMT
config.js
disqus.com/next/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 21 Nov 2020 12:24:06 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
28
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
9268
X-XSS-Protection
1; mode=block
/
disqus.com/embed/comments/ Frame D0C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=o365blog-com&t_u=https%3A%2F%2Fo365blog.com%2Faadinternals%2F&t_d=AAD%20Internals&t_t=AAD%20Internals&s_o=default
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://o365blog.com/aadinternals/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://o365blog.com/aadinternals/

Response headers

Connection
keep-alive
Content-Length
2562
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Mon, 02 Nov 2020 03:45:53 GMT
ETag
W/"lounge:view:6996056880.e73bd85c5e29aee1ae0a94610ab3d00f.2"
Content-Encoding
gzip
Date
Sat, 21 Nov 2020 12:24:06 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: o365blog-com.disqus.com
URL: https://o365blog-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1142518
strict-transport-security
max-age=300; includeSubdomains
content-length
26578
cf-request-id
068c5c0db4000005d4a7b9b000000001
timing-allow-origin
*
last-modified
Fri, 06 Nov 2020 01:17:04 GMT
server
cloudflare
etag
"5fa4a410-67d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
5f5a62c2ba2f05d4-FRA
x-amz-cf-id
Fza8IKnkqclKfwFRkhG3KkwdVe8CU5qzHkHPVgsx6PVytHnItBOSJg==
expires
Sat, 06 Nov 2021 18:22:17 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.068619119711866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:03 GMT
via
1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
3
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
YdpvsyluH_kER4RiFdgLgoHFwjHGXI7STILFOBrELgMRTu1GPQnOUA==
pixel.gif
cdn.viglink.com/images/ 		43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.068619119711866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 12:24:03 GMT
via
1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
3
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
Dz5h2WRZ7GWDiqxwpaBQsCt-PHxgztwz_BZPWNLL8dnnue9hL4zghg==
ping
links.services.disqus.com/api/ 		299 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5544f004328bd972caeed39e6f0d798228ad279953485dacf2ddf1762c833c30

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 21 Nov 2020 12:24:07 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://o365blog.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
299
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Nov 2020 12:24:07 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		82 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b0b3eaeb75aa9d9f24b600d5c4bc4741ce55946edcf326f5c26fa74f3aaed74d

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 21 Nov 2020 12:24:07 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://o365blog.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
82
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		113 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0967f570e36a2f95667a420c132cdb88641f3bd3c03c63322cb8fb04f1faad27

Request headers

Referer
https://o365blog.com/aadinternals/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 21 Nov 2020 12:24:08 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://o365blog.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
113
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| responsiveNav function| showMessage function| hideMessage function| getRealm function| createSmartLink function| byteArrayToBase64 function| parseByte function| parseGuid function| Base64ToByteArray function| parseHex function| parseBase64 function| guidToB64 function| b64ToGuid function| ga function| disqus_config object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| navigation object| DISQUS boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16059614468626 object| vglnk undefined| vglnk_16059614473637 undefined| vglnk_16059614475459 undefined| vglnk_160596144816610

3 Cookies

Domain/Path Name / Value
.o365blog.com/ Name: _gat
Value: 1
.o365blog.com/ Name: _gid
Value: GA1.2.286936193.1605961446
.o365blog.com/ Name: _ga
Value: GA1.2.1412933848.1605961446

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.disquscdn.com
cdn.viglink.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
links.services.disqus.com
maxcdn.bootstrapcdn.com
o365blog-com.disqus.com
o365blog.com
www.google-analytics.com
151.101.0.134
151.101.112.134
151.101.112.64
185.199.108.153
2001:4de0:ac19::1:b:3a
2606:4700::6812:a913
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
65.9.86.39
013349776470b75af65dd5df5c90f912240d60384ab7a9c44e218e526f5e07f6
0967f570e36a2f95667a420c132cdb88641f3bd3c03c63322cb8fb04f1faad27
3cc3e302240913c8c2351345099477787aa52d3226f8478404451497c712f1be
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5544f004328bd972caeed39e6f0d798228ad279953485dacf2ddf1762c833c30
6def870a4ded644ef4f64abbad437d12cc1ed75d8ba86e851fec9a3912163bfa
6ec8bfe4b75f29efb09ff0ad4cbbbd9d7d1c0cf98f9650f80146b0cf0ea6923f
7bbb03b771ea226309b4f45f358cf8043bef439f1b5ff10c35a0de1cb1d52cdf
819f0cd62ecd0c4b0200ec6454b0766be28a5bd830b49f4b3a34efaad041c262
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9300c5d77122bc84923ec654e3ff94c0e49e7ce0a983da5f4ef46ffb1a76db21
9b26fe68c8b11ec876de9e06dfd012299df1e99c2a1013031036834fc5e15125
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b0b3eaeb75aa9d9f24b600d5c4bc4741ce55946edcf326f5c26fa74f3aaed74d
b2cef31d0248e55f4e13927ad9e2b411a4e3118dd81017c6fe41c824623cc47a
c0da08b4bb82a82c234f63d4b79ef6cafbcf8a1a18dfdaca9c9a42c5159e2848
c3131355e1eeb5e99fe72db43a3831db3062b1e247e767b340f73fa3194f8675
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e124fe1b3a5e21095e4c0e828938c8467773b3eb0274b0d865146a3861622e10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995