mso.rcstevens.click - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 45.11.183.219, located in Tallinn, Estonia and belongs to SERVINGA-EE, DE. The main domain is mso.rcstevens.click.
TLS certificate: Issued by R3 on June 28th 2022. Valid for: 3 months.

This is the only time mso.rcstevens.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 5	45.11.183.219 45.11.183.219		207408 (SERVINGA-EE) (SERVINGA-EE)
5	2

5 45.11.183.219 (Tallinn, Estonia) 2 redirects

ASN207408 (SERVINGA-EE, DE)
PTR: uennice.info

mso.rcstevens.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwoffice.rcstevens.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	rcstevens.click 2 redirects mso.rcstevens.click wwwoffice.rcstevens.click login.rcstevens.click Failed aadcdn-msftauth-b31c022f.rcstevens.click Failed	194 KB
5	1

	Domain	Requested by
4	mso.rcstevens.click	1 redirects mso.rcstevens.click
1	wwwoffice.rcstevens.click	1 redirects
0	aadcdn-msftauth-b31c022f.rcstevens.click Failed	mso.rcstevens.click
0	login.rcstevens.click Failed	mso.rcstevens.click
5	4

This site contains no links.

Subject Issuer	Validity	Valid
rcstevens.click R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true
Frame ID: 8721C06AEC54B023E328CFCFEA9DCE19
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mso.rcstevens.click/ Page URL
https://mso.rcstevens.click/ HTTP 302
https://wwwoffice.rcstevens.click/login HTTP 302
https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

192 kB
Transfer

705 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mso.rcstevens.click/ Page URL
https://mso.rcstevens.click/ HTTP 302
https://wwwoffice.rcstevens.click/login HTTP 302
https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Page URL
https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://mso.rcstevens.click/ HTTP 302
https://wwwoffice.rcstevens.click/login HTTP 302
https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response mso.rcstevens.click/	72 KB 25 KB	253ms 162ms	Document text/html	45.11.183.219 SERVINGA-EE
General Check archive.org Show headers Download Go to Full URL https://mso.rcstevens.click/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.11.183.219 Tallinn, Estonia, ASN207408 (SERVINGA-EE, DE), Reverse DNS uennice.info Software nginx/1.21.6 / Resource Hash `3fd8e12df11962fbd7845a467127c068026c320e1045c27e40a022d4ce0918c2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Tue, 28 Jun 2022 21:19:00 GMT server nginx/1.21.6 vary Accept-Encoding
GET H2	200	authorize Show response mso.rcstevens.click/common/oauth2/v2.0/ Redirect Chain https://mso.rcstevens.click/? https://wwwoffice.rcstevens.click/login https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_toke...	290 KB 85 KB	1050ms 1049ms	Document text/html	45.11.183.219 SERVINGA-EE
General Check archive.org Show headers Download Go to Full URL https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Requested by Host: mso.rcstevens.click URL: https://mso.rcstevens.click/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.11.183.219 Tallinn, Estonia, ASN207408 (SERVINGA-EE, DE), Reverse DNS uennice.info Software nginx/1.21.6 / Resource Hash `b9bdc3c46e22ed05c0ac5cd4281a0b404e7d8bb324c4b8b225213afbaa2f3383` Request headers Referer https://mso.rcstevens.click/? Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * cache-control no-store, no-cache content-encoding gzip content-type text/html; charset=utf-8 date Tue, 28 Jun 2022 21:19:03 GMT nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-b31c022f.rcstevens.click/api/report?catId=GW+estsfd+dub2"}]} server nginx/1.21.6 vary Accept-Encoding Accept-Encoding x-ms-clitelem 1,50168,0,, x-ms-ests-server 2.1.13006.6 - NEULR2 ProdSlices x-ms-request-id f0b192bb-67c7-458b-92b8-009da4555f00 Redirect headers access-control-allow-headers * access-control-allow-origin * content-type text/html; charset=utf-8 date Tue, 28 Jun 2022 21:19:02 GMT location https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 referrer-policy strict-origin-when-cross-origin request-context appId= server nginx/1.21.6 vary Accept-Encoding x-cache CONFIG_NOCACHE x-msedge-ref Ref A: 7BD3F3F6A9A64D50A85B0BD2DDB53179 Ref B: HEL01EDGE1410 Ref C: 2022-06-28T21:19:02Z x-ua-compatible IE=edge,chrome=1
GET H2	200	Primary Request authorize Show response mso.rcstevens.click/common/oauth2/v2.0/	343 KB 82 KB	1042ms 1042ms	Document text/html	45.11.183.219 SERVINGA-EE
General Check archive.org Show headers Download Go to Full URL https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0&sso_reload=true Requested by Host: mso.rcstevens.click URL: https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.11.183.219 Tallinn, Estonia, ASN207408 (SERVINGA-EE, DE), Reverse DNS uennice.info Software nginx/1.21.6 / Resource Hash `bc3031bf2b62e65f5f7eef20708ad92e4972b73e7133a0feaa84a499b8bb18a7` Request headers Referer https://mso.rcstevens.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwoffice.rcstevens.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwoffice.rcstevens.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637920479421509066.YWJlZmZlMjgtYzQ3Mi00NWU2LThlZDQtNjExNTBjMjgxZDg4MGMyMTBiY2MtNTBlNS00OGM5LWJiYjMtMGU2MDhkOGJlYWM2&ui_locales=de-DE&mkt=de-DE&state=kNu8eI9l2-KcUtQQ04BQbs7vPXz-ehbZLfE1qF0E0vi3aG1MpgicVWz4DM0FnGjImIWxftKyikm8owmtt_kbb4AaDPh1o8Elc4EeqeaZYRbVaMfuCBYscZ8LdgDh6CjaWYlgJN3slruiYdmBTua32N97U2UDutM5HxJtXKV-FCE80ly73d2I9M0nTiM6rjs-tdyWH8zFYCb_SDK5KRAPPUO5VD-t4icy8kyhccvITA4tH_W6oVMaSnssWmry2AgQOBb8c_MfnZ1tNFhGMKH2kA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.12.1.0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers * access-control-allow-origin * cache-control no-store, no-cache content-encoding gzip content-type text/html; charset=utf-8 date Tue, 28 Jun 2022 21:19:04 GMT nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} p3p CP="DSP CUR OTPi IND OTRi ONL FIN" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-b31c022f.rcstevens.click/api/report?catId=GW+estsfd+dub2"}]} server nginx/1.21.6 vary Accept-Encoding Accept-Encoding x-ms-clitelem 1,0,0,, x-ms-ests-server 2.1.13006.6 - WEULR2 ProdSlices x-ms-request-id 11a5ee1d-dfa0-4e68-b8ef-f84b12d52a00
GET		Me.htm login.rcstevens.click/	0 0

GET		ConvergedLogin_PCore_UbUmcyGu3AmHaoehHvoQJA2.js aadcdn-msftauth-b31c022f.rcstevens.click/shared/1.0/content/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.rcstevens.click
URL: https://login.rcstevens.click/Me.htm?v=3

Domain: aadcdn-msftauth-b31c022f.rcstevens.click
URL: https://aadcdn-msftauth-b31c022f.rcstevens.click/shared/1.0/content/js/ConvergedLogin_PCore_UbUmcyGu3AmHaoehHvoQJA2.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rcstevens.click/	1970-01-20 12:53:07	Name: __3YEW Value: YjMxYzAyMmYtOTA4OC00NTUzLTkzNWQtM2E4MTg1NjgxZTdlOmZkZjNmYmZiLTg3MGMtNDU2OS1hNDY4LWRkZDU5MjcwNjA2Yw==
.rcstevens.click/	1970-02-08 17:36:38	Name: MUID Value: 18ACE3107CF06AB03C05F2C17D706BDE
wwwoffice.rcstevens.click/	1970-02-08 08:15:03	Name: .AspNetCore.Correlation.OpenIdConnectV2.oSijUN-j607Zog-D5csWoB2Z027VYbptPlOyQYepzC0 Value: N
wwwoffice.rcstevens.click/	1970-02-08 08:15:03	Name: .AspNetCore.OpenIdConnect.Nonce.ytrfANeIdnCyTnsXQUgodeUnar741S3U6Tmaf-9dpyIBq51558o-Pj5vKhAuUYXsMtnxunAJI0xkW75Khm3cL_WkOSLPM26UKiIefNZgYaB955CxJ3q25-T8iLPPnClqqurv8X31Kmk-lhiETmRN1UlYmeF_475lp18_8f6sHZi2IZTLss0X4OcMl0sTR-dBjKhHbEu7VogGfA4YMlwn5C_2hiUQx3CLQ0j2uA1TLVcL_qulusJ8N0h4tMssXOqi Value: N
wwwoffice.rcstevens.click/	1970-02-08 08:15:31	Name: OH.DCAffinity Value: OH-weu
wwwoffice.rcstevens.click/	1970-02-08 17:00:38	Name: OH.FLID Value: 960602f0-1599-41fe-bb06-7e5e8e82cb54
.mso.rcstevens.click/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
mso.rcstevens.click/	1970-01-20 04:07:31	Name: SSOCOOKIEPULLED Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn-msftauth-b31c022f.rcstevens.click
login.rcstevens.click
mso.rcstevens.click
wwwoffice.rcstevens.click
aadcdn-msftauth-b31c022f.rcstevens.click
login.rcstevens.click
45.11.183.219
3fd8e12df11962fbd7845a467127c068026c320e1045c27e40a022d4ce0918c2
b9bdc3c46e22ed05c0ac5cd4281a0b404e7d8bb324c4b8b225213afbaa2f3383
bc3031bf2b62e65f5f7eef20708ad92e4972b73e7133a0feaa84a499b8bb18a7

mso.rcstevens.click Open in urlscan Pro 45.11.183.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

1 Domains

4 Subdomains

2 IPs

1 Countries

192 kBTransfer

705 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

8 Cookies

Indicators

mso.rcstevens.click Open in urlscan Pro
45.11.183.219 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

2
IPs

1
Countries

192 kB
Transfer

705 kB
Size

8
Cookies

5 HTTP transactions
0 data transactions