Forum Discussion

Tobey Davies's avatar
Tobey Davies
Brass Contributor
Mar 12, 2018

What is the domain "nrb.footprintdns.com"??

Hello Everyone   From 3/2/2018, when I access my SharePoint site the following certificate site? is displayed. https://37CFD84CE79EF6104C98E018AE6ABD10.nrb.footprintdns.com And request me to ...
admin
SharePoint Online
Sites
  • PaulAndrew's avatar
    PaulAndrew
    Jan 08, 2019

    The domain nrb.footprintdns.com is owned by Microsoft and represents servers in Microsoft datacenters. It is used for telemetry purposes that comply with Microsoft privacy commitments that you can read about at: https://products.office.com/en-us/business/office-365-trust-center-privacy. Data sent to this domain is used to identify network connectivity and performance issues and to support improvements to the service. We have plans to rename it to be more descriptive, and to publish it at the Office 365 IP Address and URL publishing site at http://aka.ms/o365ip. If you have any problems using Office 365 related to this, please raise a support incident so that we can assist at https://support.office.com/ 

sb_1962's avatar
sb_1962
Copper Contributor

Still no response from MS ? Till today it was silent, but now, all the computers are getting this message, and the firewall installed is blocking it (the security certificate is not from a known or approved agency) Anyway, it isn't affecting the operation, so I think it is immaterial, except the nuisance value. But which group of microsoft is tryying to fish here ? The Office 365 group or the windows ?

NTS_0's avatar
NTS_0
Copper Contributor
Dec 08, 2018
hmm, last days my KAV starts to show me this warning with site nrb.footprintdns.com with invalid certificate...
But I'm not sure what exactly is trying to connect there...(and why)

MS, any reply ??
Thanks
  • Simbiat's avatar
    Simbiat
    Copper Contributor
    Dec 09, 2018

    My KAV is blocking access due to invalid certificate past 2 days now, too, saying, that these domains are accessed by Outlook. I saw the same in the past, but way less frequently.

    • Donald_S's avatar
      Donald_S
      Copper Contributor
      Dec 09, 2018

      Not sure if this is the place to post, but as others have identified Microsoft Office and Outlook as involved, I'll make my contribution.

       

      My Kaspersky Total Security application is identifying an invalid certificate.  The source program is listed as Microsoft Office in the popup.  The certificate in question lists the related certificate site as outlook.live.com, and the detailed report lists the involved program as Microsoft Word!  I have attached the pertinent screenshots.  As you can see, the issue is very repetitive, with a different prefix for the url each time.  Comment would be appreciated.

       

      PopupCertificateDetailed report

       

  • sb_1962's avatar
    sb_1962
    Copper Contributor
    Dec 09, 2018

    I wonder, are we all 'affected persons' under KAV protection?

    I just checked up the log of KAV, and it seems quite interesting. It has blocked the footprint not only for outlook but for others too , like ms-excel.  Probably if I open up other ms-office files it would do it the same for others.

    The domain name "Foot-print" does not seem to be too innocuous.

    In addition there is something else too.... probably you people could check up - KAV has blocked several other programs (all windows) - from data mining from other files !

    I wonder is Microsoft illegally trying to acquire data ? 

    Is it the reason why they are silent on this topic ?

    Things look too Phishy.

    Despite the Russian connection, may be we have to be thankful to Kasp 

     

    • ckZA_'s avatar
      ckZA_
      Copper Contributor
      Dec 09, 2018

      Came here for the same reason. Since yesterday KAV has been informing me about the SSL connection *.nrb.footprintdns.com

       

      What really irks me is that I pay Microsoft for this software.

      • sb_1962's avatar
        sb_1962
        Copper Contributor
        Dec 09, 2018

        Well, it looks we are paying Microsoft to snoop on us :-) 

        (the silence of Microsoft team on this subject is speaking) 

    • Donald_S's avatar
      Donald_S
      Copper Contributor
      Dec 09, 2018

      I also decided to post on this in the Office 365 community, as all seems related to Office applications.

      • marinovdh's avatar
        marinovdh
        Copper Contributor
        Dec 09, 2018

        Apparently this domain is exclusively being used bij Microsoft to track your activity. That also explains why applications like Outlook and Excel both use it, but also website like Office365 and SharePoint. It looks like only authenticated users are being tracked, but I'm not totally sure. 

        The reason why Kasperspy comes up with an issue about the authenticity of the domain is rather simple: some application is trying to access a domain (*.nrb.footprintdns.com) while the channel (outlook.office.com or live.com depending from the application you use) uses a certificate that does not match the url.

         

        So why is Microsoft doing this? Well, that's (sort of) easy. Tracking your users' activity helps improving the product. Okay, that's the political/marketing way of saying it of course. But for business reasons Microsoft is also collecting data from their users, for all kinds of reasons. I would never expect a company like Microsoft to sell data like this (for it would mean their destruction). But using it for ads, improving their products, statistical data for having the best availability will be among the reasons. 

        Also technically it's a good practise to use a separate service for this kind of activity. Being such a large company it's no surprise MSFT connected it to a different domain. Although it surprises me that they didn't use a microsoft.com domain. 

Resources