URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Submission: On November 08 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 52.58.125.18, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is worley-corp-sts.relyonnutec.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2022. Valid for: a year.
This is the only time worley-corp-sts.relyonnutec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
7         52.58.125.18    16509 (AMAZON-02)
1         152.199.19.161  15133 (EDGECAST)
2         13.69.106.215   8075 (MICROSOFT...)
Total: 10 requests, 3 IPs

Requests  Apex Domain       Subdomains                                               Transfer
7         relyonnutec.com   worley-corp-sts.relyonnutec.com                          104 KB
2         visualstudio.com  dc.services.visualstudio.com (Cisco Umbrella Rank: 793)  372 B
1         msecnd.net        az416426.vo.msecnd.net (Cisco Umbrella Rank: 2383)       22 KB
Total: 10 requests, 3 domains

Requests  Domain                           Requested by
7         worley-corp-sts.relyonnutec.com  worley-corp-sts.relyonnutec.com
2         dc.services.visualstudio.com     az416426.vo.msecnd.net
1         az416426.vo.msecnd.net           worley-corp-sts.relyonnutec.com
Total: 10 requests, 3 domains

This site contains links to these domains.

Domain
worley.relyonnutec.com

Subject                           Issuer                                      Validity                 Valid
*.relyonnutec.com                 Go Daddy Secure Certificate Authority - G2  2022-10-27 - 2023-11-28  a year
*.vo.msecnd.net                   DigiCert SHA2 Secure Server CA              2023-05-05 - 2024-04-28  a year
in.applicationinsights.azure.com  Microsoft Azure RSA TLS Issuing CA 07       2023-09-02 - 2024-08-27  a year

This page contains 1 frames:

Primary Page: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Frame ID: 997529F721009DEFA844B1387A2E87B9
Requests: 9 HTTP requests in this frame

Page Title

Rider Forgotten Account Details

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 127 kB
Size: 358 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource   Path   Size   x-fer   Type   MIME-Type
Primary Request ForgotDetails
worley-corp-sts.relyonnutec.com/Account/
4 KB
2 KB
Document
General
Full URL
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b40469cd46cb6059966f644960837092e3d3964e8147000b84da015c14032dd8
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
2180
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 16:19:54 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age: 31622400; includeSubDomains
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
rider.css
worley-corp-sts.relyonnutec.com/Content/
141 KB
32 KB
Stylesheet
General
Full URL
https://worley-corp-sts.relyonnutec.com/Content/rider.css
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e5cedc6f162dbcceaca13af8d9578ef5c399d1b638a0dae3ae14bc66a887fc06
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
content-encoding
gzip
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Thu, 19 Oct 2023 09:59:02 GMT
server
Microsoft-IIS/10.0
etag
"41bc3ae3722da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
32573
styles.css
worley-corp-sts.relyonnutec.com/Content/
559 B
485 B
Stylesheet
General
Full URL
https://worley-corp-sts.relyonnutec.com/Content/styles.css
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6be09be55d2e47267952f4ceb4314704a35a9f837eeb00287ca96805580ca0f
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
content-encoding
gzip
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Thu, 19 Oct 2023 09:59:02 GMT
server
Microsoft-IIS/10.0
etag
"41bc3ae3722da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
421
jquery-3.6.0.min.js
worley-corp-sts.relyonnutec.com/Scripts/
87 KB
39 KB
Script
General
Full URL
https://worley-corp-sts.relyonnutec.com/Scripts/jquery-3.6.0.min.js
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
content-encoding
gzip
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Thu, 19 Oct 2023 09:59:02 GMT
server
Microsoft-IIS/10.0
etag
"bf9b3de3722da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
39756
logo.svg
worley-corp-sts.relyonnutec.com/Content/Images/
4 KB
4 KB
Image
General
Full URL
https://worley-corp-sts.relyonnutec.com/Content/Images/logo.svg
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
692d9b200abbc395c29a2c0312dc1fbb0a88611eb07c1645736afd252bc3b8bc
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Tue, 07 Jun 2022 12:32:59 GMT
server
Microsoft-IIS/10.0
etag
"ed1efab86a7ad81:0"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
4446
icon.svg
worley-corp-sts.relyonnutec.com/Content/Images/
3 KB
3 KB
Image
General
Full URL
https://worley-corp-sts.relyonnutec.com/Content/Images/icon.svg
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e2c0fcc0c8fbc2c2b4a57cdeb16ac412bd475d367ed970e9935e9afe4f1d7680
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Thu, 19 Oct 2023 09:59:02 GMT
server
Microsoft-IIS/10.0
etag
"a2603ae3722da1:0"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
2942
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Account/ForgotDetails
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://worley-corp-sts.relyonnutec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 08 Nov 2023 16:19:54 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
655
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc5ff27a-101e-0103-175d-12ba51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 08 Nov 2023 16:49:54 GMT
glyphicons-halflings-regular.woff
worley-corp-sts.relyonnutec.com/Content/fonts/
23 KB
23 KB
Font
General
Full URL
https://worley-corp-sts.relyonnutec.com/Content/fonts/glyphicons-halflings-regular.woff
Requested by
Host: worley-corp-sts.relyonnutec.com
URL: https://worley-corp-sts.relyonnutec.com/Content/rider.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.58.125.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-125-18.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Strict-Transport-Security max-age: 31622400; includeSubDomains

Request headers

Referer
https://worley-corp-sts.relyonnutec.com/Content/rider.css
Origin
https://worley-corp-sts.relyonnutec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age: 31622400; includeSubDomains
date
Wed, 08 Nov 2023 16:19:54 GMT
last-modified
Thu, 19 Oct 2023 09:59:02 GMT
server
Microsoft-IIS/10.0
etag
"cd039e3722da1:0"
x-powered-by
ASP.NET
content-type
application/x-woff
accept-ranges
bytes
content-length
23320
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://worley-corp-sts.relyonnutec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 08 Nov 2023 16:19:55 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
186 B
372 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://worley-corp-sts.relyonnutec.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
498E6421-2F3C-4694-A042-54E65BCD97A5
strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 16:19:55 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
186

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: documentPictureInPicture
  • function: $
  • function: jQuery
  • object: appInsights
  • object: AI
  • object: Microsoft
  • function: __extends
  • function: _endsWith

3 Cookies

Domain/Path Name / Value
worley-corp-sts.relyonnutec.com/ Name: __RequestVerificationToken
Value: eXlXhUyeyljltER9RtcN2sg_0EGARr4B4oUK9AfP1eJRZLDV14WUvcNQZzircHisSX3Vm-m4ij1eSvo359_-vIJEWeB54Lagh-BQKNwykr41
worley-corp-sts.relyonnutec.com/ Name: ai_user
Value: mjabf|2023-11-08T16:19:54.602Z
worley-corp-sts.relyonnutec.com/ Name: ai_session
Value: RxNWG|1699460394711|1699460394711

1 Console Messages

Source: network
Level: error
URL: https://dc.services.visualstudio.com/v2/track
Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age: 31622400; includeSubDomains
X-Frame-Options SAMEORIGIN