hcog.login.em2.oraclecloud.com
Open in
urlscan Pro
141.145.20.172
Public Scan
Effective URL: https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Submission Tags: falconsandbox
Submission: On December 13 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 4th 2020. Valid for: a year.
This is the only time hcog.login.em2.oraclecloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 160.34.64.114 160.34.64.114 | 7160 (NETDYNAMICS) (NETDYNAMICS) | |
8 | 141.145.20.172 141.145.20.172 | 43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1) | |
11 | 2 |
ASN7160 (NETDYNAMICS, US)
PTR: vip-ldx-64-114.taleo.net
intertek.taleo.net |
ASN43898 (ORCL-AM-OPC1, NL)
PTR: am2-c2r304-sku2.login.em2.oraclecloud.com
hcog.login.em2.oraclecloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
oraclecloud.com
hcog.login.em2.oraclecloud.com |
50 KB |
3 |
taleo.net
intertek.taleo.net |
5 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
8 | hcog.login.em2.oraclecloud.com |
hcog.login.em2.oraclecloud.com
|
3 | intertek.taleo.net |
intertek.taleo.net
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
hcog.fa.em2.oraclecloud.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.taleo.net DigiCert SHA2 Secure Server CA |
2020-01-28 - 2021-04-28 |
a year | crt.sh |
*.login.em2.oraclecloud.com DigiCert SHA2 Secure Server CA |
2020-08-04 - 2021-08-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Frame ID: C1599DF7EA0DD873541470A309245BAC
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Finter... Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek... Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Fintertek.taleo.net%2Ftransition%2Findex.jsf%3Flang%3Den Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den&TARGET=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
index.jsf
intertek.taleo.net/transition/ |
1 KB 978 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SamlInterSiteTransferService.jss
intertek.taleo.net/smartorg/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml20authnrequestservlet.jss
intertek.taleo.net/smartorg/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
Cookie set
samlv20
hcog.login.em2.oraclecloud.com/oamfed/idp/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate_rtl.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
messages.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginJS.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mcs_login_324.png
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OracleLogo.png
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| antiClickjack string| currentPageLang undefined| isError string| OimOHSHostPort number| maxLogoutWaitTime object| callBackLocations string| redirectToPage string| abtProduct string| helpLinkHREF string| privacyPolicy undefined| copyRightTEXT string| appLogoIMAGE string| appNameTEXT string| appNameTEXT4Cloud string| appLogoWIDTH string| appLogoHEIGHT object| displayLangs string| registrationURL string| lostPasswordURL string| trackRegistrationURL boolean| hideRegLink boolean| hideLocaleSelect boolean| disableJSPopup number| maxAllowedInputSize boolean| isOIMLostPassword string| loginRedirectScript string| logoutRedirectScript string| postActionURL string| queryParamName number| maxImagesToLoad number| imagesLoaded object| multiDimArray object| emptyUserName object| emptyPassword object| logoutSuccess object| logoutFailed boolean| isNav4 boolean| isIE4 boolean| isNS6 boolean| showLang undefined| endURL string| backUrlParam undefined| undef function| detectBrowser function| checkForEnterKey function| logIn function| registerUser function| trackUserRegistration function| lostPassword function| onBodyLoad function| placeholderIsSupported function| autoCompleteOff function| localeSelect function| populateSimpleForm function| setCustomHeaderFooter function| incrLoadedImages function| loadLogoutImages function| waitAndRedirect function| checkIfEndURL function| checkIfQueryString function| setFocusOnElement function| Ajax function| getXMLHttpRequestObject function| send function| successCallback function| submitCreds function| submitform function| onClickSubmit function| callLanguageChange object| localeOption string| dispLang6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.oraclecloud.com/ | Name: ORA_FUSION_PREFS Value: v1.0~bG9jYWxlPWVuLXVzfmRlZmF1bHRMYW5ndWFnZU1hcmtlcj1mYWxzZX5wcmVmZXJyZWRMYW5ndWFnZT1lbi11cw== |
|
hcog.login.em2.oraclecloud.com/ | Name: ECID-Context Value: 1.005h_Q^plIEEOP9pRct1id0003dW0001y6@kXjglfCWn5MK9QJBjHPRaLOPj9OPkVBSXTORqICC0ZJOoOTLkKPOoLRKlSODoITT_G |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_COUNT Value: VERSION_4~1 |
|
hcog.login.em2.oraclecloud.com/ | Name: JSESSIONID Value: K8lb0BaUj7UOci6DTaAWlhV7givoJULkWZkoHoXgZq22KjyiJgpA!715817388 |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_0 Value: VERSION_4~SEaUFkHz1fz1WlP%2fT49R1scs2vmelRAn50mC4qyfkZlRcdhhTKM7Pd%2fbQ2OQ08VBOnreqPCoJJmKvaIH2v6%2bKZuEUmlx29QfIxVzRoBdRomjlo51Tw5oMEbn4UaXcFgKLlIFimNJihb8L47qIvK3nsIffMCMbZEJ5ZcwHqi1urdhsBseBAVPN0SvLNqy3Rm%2fyqZCoQU8Fa4iXAfTyj389wukykL4BnG7yCyHxbdt2kgv5rjYBIJIDs0xFvj7pJHJE%2fkVlRIKw1Q7AlyrMnD2DB0qWUIrkEMSowi2AyRwuJPXiDRxAQu1a%2b4fevOEjXd4ihfWK55E5k46XTp40%2frfrP5hswNOpxBdgBfMY2hrh2CoZFw02W8UtuFqOxmlf1%2fwbOfwjQZGfp3NXXtcCpkMpVZOU%2fdXs3nPf8uSj86h%2bc%2f%2bje0G%2bBZkzI0wLW5mT4kfFLI0nvRmqlwMPJb%2fUl%2blmG7aTuer5P1IscFhe%2bz0jZ9I57eXwY%2fH35ay%2b1lLrDvwuYAulOpyJ%2biKwaqbwczW4hh22mhMZwI1TLMOu4ZfLnxMOxgkbF4BIQDYMU3dCAq41aS7WK1tf%2bQEN%2fT8x2hA1lrZZj1%2fARO6TxgIHjjszS0rjJrzH0lN98mlEC5i6A8qQ6QNihOvivwQ%2b0Pp2EQO1R9QL4wg9rgtLUBdU1SNwuTrs3yEvaaGZZXhFQ2sWVeGbUoEHJclXa1RnHl4FdQb76MHdaeurQqfI1Remv0XtJsbG6noKx%2fYtw33SUGbC3Rp4wt1C99eXomE7cWGDU4MHTJs27TvgUxm%2fMlZY%2fmznY4ec29dbaVEpv1n93qmGCVLLuWMvgqqNJhXxlRF0XqEysQJLa42vZBmtuGxQEPDaliR%2bOXnYkE1p6vh0mZavi2IYTtzlhVK5IHGWz8Z%2fPsa3V%2bPrmJSfUp%2bksaeLcX%2frP6ZlnseWLd5fW9tEtVdrZEB53oZZez2SiSBZRBha5XXdE5IRmhF2HkKrz6tEszTBydJ3tDBzeRU6PdH6JewYnAiik9OgoTkeedV3Ht8Ceg98UoE0Ddsx6UAnKbts8mewDKtxbX9x0K%2bP9s6rjs3mOS%2flXu8S%2flONx%2bZmtyL9Jyg0PGEKhNpM%2brYg6vdHpUCN%2fgraF%2fyPbp6z8iNnsXKSetj8OfDA3LU60InfT0QPpXg0jiecWcH%2fKc2jLaLTqzR2SmJhxjJO7a8Mu9Pl6f9q%2bD0MtHTV9igTbAA62s%2fiDpj9%2bEz6kv71vOgz8G1umWJwn1ZaTrZ9Yao0yKdgW69XfIE%2b3qOYj9%2fNQFtEGVviUyPO6s%2fTRw82nGSUyVrD1CLoO7qoC3KN1fyxvMIEBrl44MDoDVPMv1dOjZBm5pDXCM1hYs8SVUkSahA2gptlkuGcYbv%2bkAa4424SnTrYa9tGDnmbB52S40ig5NoyTYg9tj6YVulk6d2ZzkA5CTaO8EHeBVyWlxvdpBj6lxfPhUlTqxJ2sGgNA3FCmo52V28yJSL8andYQJOK32rLOzB2ttWoxHkT0OasGUZe%2fmRXrY0moPecN4pY9MWPqLAnvbR9b2B1ys0bvyuraavMDstHh%2fsdzgKV%2f7Sgat%2bpPLg%2bjzLiw34aATvi5K4BAYoobRWCDi%2fVw07zNAcE%2b4SntOMJLgzSL%2f4x15NojqN4kyHhAg1sY5mVpPa1%2bOer4ZX13aPq9begc4laS3zMGGi6wFvUWRzc19ML25w7Msq%2fqcgrmMCBT1%2bh8pq3YJ9u2BgEEWMR1KDaG26otazXLGf5KNc1SnRpXC0pktIBNLQgkcW50Les12A5YDaXMlQucsXAAasY3Jf0CG80cSFIUJeBjSw9dSWB%2f41oFh1EPCYC0jZElj%2f5duHgPLKg1dU2OuILlG9t8zruw%2fRFowQGythydPCig56Qe6URXGiflvQ1n%2bM58kAIrsX7UXC8VJUhXaAOIoFOkUITE4LDJQUHTkWPJ4t3zgGUGklzIAgNoPEqXHdeDxQzanVpwfLREiiwWbcJ18NtIbejm74nMDHA7ncjlt6S%2bIawhLIevLMidxkjfsQvT12I8pl0mG7bbyhk%2fnGl10Yl58izxdU%2bG7x%2bEJ2%2bYMDhEUzQwUCXgT9pk8rjGQMg1qLA5wojYGvSJoqL8qlm2AGvVGvNWP%2bar4QubQx1dqutNlZtxRM%2fxUNIdK9Txm7762nUDis |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_JSESSIONID Value: YU9b0BaPM7D4wWIlYv7L02zlIb-ppY2g9Un-G-DURk4ypjTiSw6W!715817388 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hcog.login.em2.oraclecloud.com
intertek.taleo.net
141.145.20.172
160.34.64.114
060d1b97a90cbc5aef2eb5dbb20945f01d1854cac6360e2f979ebb16cf494500
299a7e8b67d6cbb1439915fd27e2730ca1705bd1d920cd0e693e1d7d79ede145
32a6ac959699fb48f4c9317e58a6506645bd457b6dae5cfc5b572142f115ad27
457584adfe22849c8942110560cb2cab2aaa3d7f8fe3521b4c43fca37b8b3d3b
94af3b10c809c58d4fd572f0512988f50e57fc22ad097f1e541dcc67703bc05e
a0ab7a1b13100dccb29bb6775b1b3498e7a507aa73476ea0448fb666a25e51c1
b633e593eb72343af63f6ba577def0373a9a54d1916e603a576938966f56182b
b9f0a696e18cba72d2460283005a81bad20f9f7882814d12e97777588221142d
d1aa17f2f90694956b9bf51d572e2778c00680210847e26efb4aa17afcae5651