bakerhughes.riskworks.com Open in urlscan Pro
69.167.157.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u2769588.ct.sendgrid.net/wf/click?upn=TAJB207dgqQqmqdAMtq6Ohx8cupE0xEU84jWRmXIvm9rWs3z-2BRjq-2Fx9fOhTOT5AT_1RNteSf-2FvTzb...
Effective URL:
https://bakerhughes.riskworks.com/rmsupport/alert.aspx?ID=1425e2fe-c670-4668-ad31-08cd4b87d932&RD=0&Browser=Chrome&Version=74
Submission: On September 18 via manual (September 18th 2019, 7:57:38 pm UTC) from GB

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 24 HTTP transactions. The main IP is 69.167.157.129, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is bakerhughes.riskworks.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 13th 2019. Valid for: a year.

This is the only time bakerhughes.riskworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID - SendGrid)
1 23	69.167.157.129 69.167.157.129	32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
1 1	104.16.84.55 104.16.84.55	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.18.74.113 104.18.74.113	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
24	3

1 167.89.123.16 (United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u2769588.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 69.167.157.129 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)

bakerhughes.riskworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.84.55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.74.113 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	riskworks.com 1 redirects bakerhughes.riskworks.com	178 KB
1	zdassets.com static.zdassets.com ekr.zdassets.com Failed	7 KB
1	zopim.com 1 redirects v2.zopim.com	421 B
1	sendgrid.net 1 redirects u2769588.ct.sendgrid.net	245 B
24	4

	Domain	Requested by
23	bakerhughes.riskworks.com	1 redirects bakerhughes.riskworks.com
1	static.zdassets.com	bakerhughes.riskworks.com
1	v2.zopim.com	1 redirects
1	u2769588.ct.sendgrid.net	1 redirects
0	ekr.zdassets.com Failed	static.zdassets.com
24	5

This site contains no links.

Subject Issuer	Validity	Valid
*.riskworks.com Go Daddy Secure Certificate Authority - G2	`2019-03-13` - `2020-05-12`	a year	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://bakerhughes.riskworks.com/rmsupport/alert.aspx?ID=1425e2fe-c670-4668-ad31-08cd4b87d932&RD=0&Browser=Chrome&Version=74
Frame ID: C0F14DB6B224C5F4E065A2B014EAD117
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u2769588.ct.sendgrid.net/wf/click?upn=TAJB207dgqQqmqdAMtq6Ohx8cupE0xEU84jWRmXIvm9rWs3z-2BRjq-2Fx9fOhT... HTTP 302
https://bakerhughes.riskworks.com/ HTTP 302
https://bakerhughes.riskworks.com/core/security/logon.asp?sourceURL=https%3A%2F%2Fbakerhughes%2Eriskworks%2Eco... Page URL
https://bakerhughes.riskworks.com/rmsupport/alert.aspx?ID=1425e2fe-c670-4668-ad31-08cd4b87d932&RD=0&Browser=Ch... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

185 kB
Transfer

343 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u2769588.ct.sendgrid.net/wf/click?upn=TAJB207dgqQqmqdAMtq6Ohx8cupE0xEU84jWRmXIvm9rWs3z-2BRjq-2Fx9fOhTOT5AT_1RNteSf-2FvTzblLLgJcF8XlkHAkpwA5yC3WyfwkstwM2adBGypZz-2B2mILd46e0zCT6QeFPZEKXRRmptFhoFuvEyFS5uGc3-2FWE-2FTAqai89jPNaWzcBReKHTz545hYLBf1VUJTnhdE2Ap7zuN67h0rwWDW3E-2FdjyJ2-2FBNL5xq0UThI0dalHoqI6eIHoolqxK3lEkV94SaNv1wSB9WlXa9da7SP8EwLTS4lAhnchinBJEHQ-3D HTTP 302
https://bakerhughes.riskworks.com/ HTTP 302
https://bakerhughes.riskworks.com/core/security/logon.asp?sourceURL=https%3A%2F%2Fbakerhughes%2Eriskworks%2Ecom%2FDefault%2Easp%3F&SecurityMessage= Page URL
https://bakerhughes.riskworks.com/rmsupport/alert.aspx?ID=1425e2fe-c670-4668-ad31-08cd4b87d932&RD=0&Browser=Chrome&Version=74 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u2769588.ct.sendgrid.net/wf/click?upn=TAJB207dgqQqmqdAMtq6Ohx8cupE0xEU84jWRmXIvm9rWs3z-2BRjq-2Fx9fOhTOT5AT_1RNteSf-2FvTzblLLgJcF8XlkHAkpwA5yC3WyfwkstwM2adBGypZz-2B2mILd46e0zCT6QeFPZEKXRRmptFhoFuvEyFS5uGc3-2FWE-2FTAqai89jPNaWzcBReKHTz545hYLBf1VUJTnhdE2Ap7zuN67h0rwWDW3E-2FdjyJ2-2FBNL5xq0UThI0dalHoqI6eIHoolqxK3lEkV94SaNv1wSB9WlXa9da7SP8EwLTS4lAhnchinBJEHQ-3D HTTP 302
https://bakerhughes.riskworks.com/ HTTP 302
https://bakerhughes.riskworks.com/core/security/logon.asp?sourceURL=https%3A%2F%2Fbakerhughes%2Eriskworks%2Ecom%2FDefault%2Easp%3F&SecurityMessage=

Request Chain 19

https://v2.zopim.com/?1snKPDaFJZ6s5dUwQ4v0nVbkSqywPpGA HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set logon.asp Show response
bakerhughes.riskworks.com/core/security/
Redirect Chain

https://u2769588.ct.sendgrid.net/wf/click?upn=TAJB207dgqQqmqdAMtq6Ohx8cupE0xEU84jWRmXIvm9rWs3z-2BRjq-2Fx9fOhTOT5AT_1RNteSf-2FvTzblLLgJcF8XlkHAkpwA5yC3WyfwkstwM2adBGypZz-2B2mILd46e0zCT6QeFPZEKXRRmpt...
https://bakerhughes.riskworks.com/
https://bakerhughes.riskworks.com/core/security/logon.asp?sourceURL=https%3A%2F%2Fbakerhughes%2Eriskworks%2Ecom%2FDefault%2Easp%3F&SecurityMessage=

17 KB
5 KB

143ms
143ms

Document
text/html

69.167.157.129
Liquid Web

General

Domain/Path	Expires	Name / Value
bakerhughes.riskworks.com/	1970-01-19 03:47:17	Name: Exigis_bakerhughes_AType Value: CustomPageBlock
bakerhughes.riskworks.com/	1970-01-19 03:47:17	Name: Exigis_bakerhughes_Message Value:
bakerhughes.riskworks.com/	1970-01-19 03:47:17	Name: Exigis_bakerhughes_PID Value: 1425e2fe-c670-4668-ad31-08cd4b87d932
bakerhughes.riskworks.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: moqquca5ycshivbokwictegk
bakerhughes.riskworks.com/	1970-01-19 03:47:17	Name: Exigis_bakerhughes Value: C5649DD5-A7EC-79EA-AD11-4A3376A9B80C
bakerhughes.riskworks.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSGARASTT Value: GONELJECMEFNGAILBJKJHBLN

bakerhughes.riskworks.com Open in urlscan Pro 69.167.157.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

185 kBTransfer

343 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

6 Cookies

Indicators

bakerhughes.riskworks.com Open in urlscan Pro
69.167.157.129 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

185 kB
Transfer

343 kB
Size

6
Cookies

24 HTTP transactions
0 data transactions