diff --git a/aspnetcore/security/anti-request-forgery.md b/aspnetcore/security/anti-request-forgery.md index 8c253ec9d6..fbb82a39d8 100644 --- a/aspnetcore/security/anti-request-forgery.md +++ b/aspnetcore/security/anti-request-forgery.md 
@@ -18,17 +18,17 @@ Cross-site request forgery (also known as XSRF or CSRF) is an attack against web An example of a CSRF attack: -1. A user signs into `www.good-banking-site.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. -1. The user visits a malicious site, `www.bad-crook-site.com`. +1. A user signs into `www.good-banking-site.example.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. +1. The user visits a malicious site, `www.bad-crook-site.example.com`. - The malicious site, `www.bad-crook-site.com`, contains an HTML form similar to the following example: + The malicious site, `www.bad-crook-site.example.com`, contains an HTML form similar to the following example: :::code language="html" source="anti-request-forgery/samples_snapshot/vulnerable-form.html"::: Notice that the form's `action` posts to the vulnerable site, not to the malicious site. This is the "cross-site" part of CSRF. -1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.com`. -1. The request runs on the `www.good-banking-site.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. +1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.example.com`. +1. 
The request runs on the `www.good-banking-site.example.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. In addition to the scenario where the user selects the button to submit the form, the malicious site could: 
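Review bot: the included sample `anti-request-forgery/samples_snapshot/vulnerable-form.html` is not touched by this patch, yet the prose directly below the include says "the form's `action` posts to the vulnerable site". If that file's `action` still targets `www.good-banking-site.com`, the rendered snippet will disagree with the renamed `www.good-banking-site.example.com` in steps 1, 3 and 4 of this hunk. Update the sample's `action` URL in the same change so the text and the snippet stay consistent.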
@@ -285,17 +285,17 @@ Cross-site request forgery (also known as XSRF or CSRF) is an attack against web An example of a CSRF attack: -1. A user signs into `www.good-banking-site.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. -1. The user visits a malicious site, `www.bad-crook-site.com`. +1. A user signs into `www.good-banking-site.example.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. +1. The user visits a malicious site, `www.bad-crook-site.example.com`. - The malicious site, `www.bad-crook-site.com`, contains an HTML form similar to the following example: + The malicious site, `www.bad-crook-site.example.com`, contains an HTML form similar to the following example: :::code language="html" source="anti-request-forgery/samples_snapshot/vulnerable-form.html"::: Notice that the form's `action` posts to the vulnerable site, not to the malicious site. This is the "cross-site" part of CSRF. -1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.com`. -1. The request runs on the `www.good-banking-site.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. +1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.example.com`. +1. 
The request runs on the `www.good-banking-site.example.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. In addition to the scenario where the user selects the button to submit the form, the malicious site could: 
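Review bot: this hunk at `-285,17` is a verbatim copy of the first hunk at `-18,17`, and the next hunk at `-537,17` repeats it again, so the same domain rename had to be applied three times. Consider moving the shared "An example of a CSRF attack" walkthrough into a single include (the page already uses `:::code ... :::` includes for the HTML sample) so that future edits to the scenario cannot drift between the versioned sections.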
@@ -537,17 +537,17 @@ Cross-site request forgery (also known as XSRF or CSRF) is an attack against web An example of a CSRF attack: -1. A user signs into `www.good-banking-site.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. -1. The user visits a malicious site, `www.bad-crook-site.com`. +1. A user signs into `www.good-banking-site.example.com` using forms authentication. The server authenticates the user and issues a response that includes an authentication cookie. The site is vulnerable to attack because it trusts any request that it receives with a valid authentication cookie. +1. The user visits a malicious site, `www.bad-crook-site.example.com`. - The malicious site, `www.bad-crook-site.com`, contains an HTML form similar to the following example: + The malicious site, `www.bad-crook-site.example.com`, contains an HTML form similar to the following example: :::code language="html" source="anti-request-forgery/samples_snapshot/vulnerable-form.html"::: Notice that the form's `action` posts to the vulnerable site, not to the malicious site. This is the "cross-site" part of CSRF. -1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.com`. -1. The request runs on the `www.good-banking-site.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. +1. The user selects the submit button. The browser makes the request and automatically includes the authentication cookie for the requested domain, `www.good-banking-site.example.com`. +1. 
The request runs on the `www.good-banking-site.example.com` server with the user's authentication context and can perform any action that an authenticated user is allowed to perform. In addition to the scenario where the user selects the button to submit the form, the malicious site could: