Hostnames |
hotmail.com mail.services.live.com attachment.outlook.live.net ccs.login.microsoftonline.com ccs-sdf.login.microsoftonline.com outlook.office.com substrate.office.com substrate-sdf.office.com attachments.office.net attachments-sdf.office.net attachment.outlook.office.net office365.com attachment.outlook.officeppe.net outlook.com |
Domains | hotmail.com live.com live.net microsoftonline.com office.com office.net office365.com officeppe.net outlook.com |
Country | United States |
City | San Jose |
Organization | Microsoft Corporation |
ISP | Microsoft Corporation |
ASN | AS8075 |
Operating System | Windows |
-448366934 | 2024-10-25T00:28:38.71691480 / tcp
HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Pragma: no-cache Location: https://52.123.249.183/owa/ Server: Microsoft-IIS/10.0 request-id: 2ed662b1-5bf3-efaf-9bbc-eebaccc8b40e X-FEServer: BY5PR16CA0004 X-RequestId: 98aa3ab1-0524-42f8-8315-8fdf7c6c753e X-FEProxyInfo: BY5PR16CA0004.NAMPRD16.PROD.OUTLOOK.COM X-FEEFZInfo: SJC MS-CV: sWLWLvNbr++bvO66zMi0Dg.0 X-Powered-By: ASP.NET X-FEServer: BY5PR16CA0004 Date: Fri, 25 Oct 2024 00:28:37 GMT Connection: close Content-Length: 0
691421190 | 2024-10-25T04:03:25.429207443 / tcp
HTTP/1.1 302 Content-Length: 777 Content-Type: text/html; charset=utf-8 Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2f52.123.249.183%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4f5eef7e-7fed-6187-069b-355eb561ecce&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638654258050850618.84e77236-ff47-4089-8c99-8b8f7b8f42ea&state=Dcs7EoAgDEXRoONykAj5PJaDDrSWbt8U53Y3EdEetpA4Qm4NplIVrAxlu3BCpnttltcSz8LoGU-P3FgepM6R4j3K-43yAw Server: Microsoft-IIS/10.0 request-id: 4f5eef7e-7fed-6187-069b-355eb561ecce Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-CalculatedBETarget: SJ2PR16MB5848.namprd16.PROD.OUTLOOK.COM X-BackEndHttpStatus: 302 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: ClientId=BE88A0C54AC946D8B74F481929EE48DA; expires=Sat, 25-Oct-2025 04:03:25 GMT; path=/;SameSite=None; secure Set-Cookie: ClientId=BE88A0C54AC946D8B74F481929EE48DA; expires=Sat, 25-Oct-2025 04:03:25 GMT; path=/;SameSite=None; secure Set-Cookie: OIDC=1; expires=Fri, 25-Apr-2025 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: RoutingKeyCookie=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.token.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.token.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.id_token.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.code.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_nonce.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_correlation_id=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.tokenPostPath=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.id_token.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.code.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_nonce.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_correlation_id=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.tokenPostPath=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.nonce.v3.O0sTh7hCnPacoAlol0KXJ9AgzbIFU9YE2SllNS5Utxk=638654258050850618.84e77236-ff47-4089-8c99-8b8f7b8f42ea; expires=Fri, 25-Oct-2024 05:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: HostSwitchPrg=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OptInPrg=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: SuiteServiceProxyKey=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: ClientId=BE88A0C54AC946D8B74F481929EE48DA; expires=Sat, 25-Oct-2025 04:03:25 GMT; path=/;SameSite=None; secure Set-Cookie: OIDC=1; expires=Fri, 25-Apr-2025 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: RoutingKeyCookie=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.token.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.token.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.id_token.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.code.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_nonce.v1=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_correlation_id=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.tokenPostPath=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.id_token.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.code.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_nonce.v1=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.idp_correlation_id=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.tokenPostPath=; domain=52.123.249.183; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OpenIdConnect.nonce.v3.O0sTh7hCnPacoAlol0KXJ9AgzbIFU9YE2SllNS5Utxk=638654258050850618.84e77236-ff47-4089-8c99-8b8f7b8f42ea; expires=Fri, 25-Oct-2024 05:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: HostSwitchPrg=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: OptInPrg=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: SuiteServiceProxyKey=; expires=Tue, 25-Oct-1994 04:03:25 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: X-OWA-RedirectHistory=ArLym14BOl9p-an03Ag; expires=Fri, 25-Oct-2024 10:05:25 GMT; path=/;SameSite=None; secure; HttpOnly X-RUM-Validated: 1 X-RUM-NotUpdateQueriedPath: 1 X-RUM-NotUpdateQueriedDbCopy: 1 X-Content-Type-Options: nosniff X-BeSku: WCS7 X-OWA-DiagnosticsInfo: 3;0;0; X-BackEnd-Begin: 2024-10-25T04:03:25.085 X-BackEnd-End: 2024-10-25T04:03:25.085 X-DiagInfo: SJ2PR16MB5848 X-BEServer: SJ2PR16MB5848 X-UA-Compatible: IE=EmulateIE7 X-ResponseOrigin: OwaAppPool X-Proxy-RoutingCorrectness: 1 Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=SJC&RemoteIP=185.142.236.0&Environment=MT"}],"include_subdomains":true} NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000 X-Proxy-BackendServerStatus: 302 X-FirstHopCafeEFZ: SJC X-FEProxyInfo: BY5PR16CA0019.NAMPRD16.PROD.OUTLOOK.COM X-FEEFZInfo: SJC X-FEServer: BY5PR16CA0019 Date: Fri, 25 Oct 2024 04:03:24 GMT
Certificate: Data: Version: 3 (0x2) Serial Number: 0e:cd:ab:15:2d:21:61:f7:c8:43:d2:5f:3f:00:fc:de Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 Validity Not Before: Jun 27 00:00:00 2024 GMT Not After : Jun 26 23:59:59 2025 GMT Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d0:84:b3:ce:26:4f:5b:ed:0a:cf:ba:52:e6:d5: a0:02:4a:43:34:d0:7c:04:36:63:13:10:76:70:3b: 70:2d:b1:03:45:8b:7a:65:4f:24:49:8d:9e:63:53: 4d:bb:b9:42:54:9e:a6:a8:80:be:47:02:1e:7f:3d: 2a:f9:31:35:28:3e:fc:4d:93:f6:e8:b8:23:8a:30: 7f:67:38:c8:e2:ed:82:1b:b7:f1:a1:5a:9e:1d:a5: 6b:ca:0d:7e:93:0d:42:b5:5b:28:19:57:bb:54:c3: 96:c7:ff:ba:fd:20:5b:9d:b2:37:3a:e1:33:11:81: 1b:27:34:7f:b3:2a:48:5f:11:48:29:c0:1f:69:1d: 0b:a6:de:17:04:e4:0c:21:e5:58:40:76:f1:6d:d9: 44:4c:a0:29:c8:1f:23:f5:9c:ed:39:5d:b4:eb:df: 93:45:f1:5e:27:b4:7d:71:b7:25:cd:80:0d:fa:d5: 48:8d:f0:12:e1:59:d6:29:71:1a:9c:e8:bc:d6:82: 45:f6:67:db:7c:aa:83:28:b7:10:08:7e:f2:b2:0f: c5:1a:7b:36:34:04:90:fb:82:d7:47:84:b5:87:02: 0e:fd:4b:35:0e:51:63:8d:9a:41:bc:ed:8b:68:f3: 18:2b:f2:7a:1d:8b:5a:27:25:3d:c8:77:28:13:74: 2a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: DD:51:D0:A2:31:73:A9:73:AE:8F:B4:01:7E:5D:8C:57:CB:9F:F0:F7 X509v3 Subject Key Identifier: 0C:1E:84:D3:63:68:03:02:43:25:28:EB:F1:9F:E5:12:08:8B:69:9C X509v3 Subject Alternative Name: DNS:*.clo.footprintdns.com, DNS:*.hotmail.com, DNS:*.internal.outlook.com, DNS:*.live.com, DNS:*.nrb.footprintdns.com, DNS:*.office.com, DNS:*.office365.com, DNS:*.outlook.com, DNS:*.outlook.office365.com, DNS:attachment.outlook.live.net, DNS:attachment.outlook.office.net, DNS:attachment.outlook.officeppe.net, DNS:attachments.office.net, DNS:attachments-sdf.office.net, DNS:ccs.login.microsoftonline.com, DNS:ccs-sdf.login.microsoftonline.com, DNS:hotmail.com, DNS:mail.services.live.com, DNS:office365.com, DNS:outlook.com, DNS:outlook.office.com, DNS:substrate.office.com, DNS:substrate-sdf.office.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.2 CPS: http://www.digicert.com/CPS X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/DigiCertCloudServicesCA-1-g1.crl Full Name: URI:http://crl4.digicert.com/DigiCertCloudServicesCA-1-g1.crl Authority Information Access: OCSP - URI:http://ocspx.digicert.com CA Issuers - URI:http://cacerts.digicert.com/DigiCertCloudServicesCA-1.crt X509v3 Basic Constraints: critical CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB: 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF Timestamp : Jun 27 06:10:26.583 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:E2:87:EE:20:9E:60:AE:05:AD:D1:3D: 65:F6:FE:48:40:9D:F4:BF:CA:4F:6D:07:73:63:A5:33: 5E:F7:C3:5F:3C:02:20:28:AC:EE:1C:4A:22:45:ED:B4: E3:46:42:6C:2F:14:80:63:23:9E:41:C5:3D:F8:58:0B: 39:AA:AB:0D:D6:FA:E2 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0: 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8 Timestamp : Jun 27 06:10:26.581 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:69:94:36:B7:6F:AE:76:DE:42:40:58:3E: 5A:73:9B:8A:67:28:2F:36:3B:8E:59:33:41:62:AA:69: 45:57:ED:F5:02:20:61:C4:55:5F:99:63:EE:94:EC:61: EE:B0:BA:1E:74:FB:0E:8B:4C:65:0D:44:F3:67:DE:A7: 5B:B0:A2:77:B8:C8 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1: D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50 Timestamp : Jun 27 06:10:26.596 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:23:99:8F:84:DE:32:51:0C:A2:AA:D0:A6: 6E:2E:D2:41:21:73:A4:BC:7D:9F:32:B4:ED:52:56:55: 74:2D:94:CA:02:21:00:E3:D8:FE:96:3A:1A:6A:58:86: 59:F9:DD:D8:7C:34:84:64:EC:56:23:14:C2:52:24:12: 69:38:FE:DF:A2:52:78 Signature Algorithm: sha256WithRSAEncryption Signature Value: 6c:b8:6a:64:c5:87:87:e1:4f:00:1b:02:19:6f:b6:c7:d6:b1: e7:45:50:dd:60:a2:70:6e:46:36:43:5a:ac:bc:0b:50:04:db: 5c:e6:41:d1:bd:0f:39:b5:58:ef:45:78:ae:ac:a4:5c:5d:4f: 13:cd:a4:59:7a:66:2f:1d:63:eb:5f:a1:f0:3e:45:47:cd:0b: cd:40:48:c8:51:8f:c6:77:7d:69:bb:e0:4c:79:04:2a:bf:28: 96:fe:10:d9:24:75:48:12:90:a2:19:33:45:95:df:3e:98:d3: 43:5f:e2:4f:b8:ac:05:16:9b:75:ae:a3:37:30:43:56:f2:f1: 79:49:42:e2:e8:3b:23:11:5e:ee:e2:83:dc:cc:81:77:a3:36: 35:6b:5c:4d:1e:4a:4f:6f:f8:95:1d:a4:27:b2:09:6c:42:97: 7a:61:74:8a:35:57:98:b1:26:31:7c:0b:ab:46:e9:ab:88:ee: 2a:1a:81:5f:1d:74:ad:aa:a4:8d:4c:c7:d5:ba:06:69:32:b9: 6c:f1:c2:ba:c9:8e:3a:af:c9:07:49:ef:d7:e6:db:2f:20:fe: 36:c0:67:c7:c2:fb:9d:c9:8a:7b:37:0a:61:b6:17:5e:42:8e: ee:64:3d:7d:58:cb:44:b6:16:9c:8c:b9:d9:8d:35:49:ce:0a: 18:9c:8c:98