urlscan.io logo urlscan.io
SecurityTrails logo

idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com Open in urlscan Pro
138.1.37.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.communications.cu.edu/?qs=58c1f9e147db42cdbe58be57c52395ea8916cb9d929c9a7db1acb67170ec8aba187bcdc709c8cfa5e65705687a0b...
Effective URL: https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login
Submission: On July 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 138.1.37.19, located in Phoenix, United States and belongs to ORACLE-BMC-31898, US. The main domain is idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 10th 2020. Valid for: a year.
This is the only time idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.229.121 22606 (EXACT-7)
1 1 204.228.68.23 62671 (UNIVERSIT...)
1 204.228.70.154 62671 (UNIVERSIT...)
1 2 138.1.37.19 31898 (ORACLE-BM...)
3 3

This site contains no links.

Subject Issuer Validity Valid
mcpngprd.prod.cu.edu
COMODO RSA Organization Validation Secure Server CA		 2020-03-03 -
2022-03-03		 2 years crt.sh
*.identity.oraclecloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-10 -
2022-01-10		 a year crt.sh

This page contains 1 frames:

Frame: https://login.ucdenver.edu/
Frame ID: C5D0BA301F0F5C62E2046E21A139E2E4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.communications.cu.edu/?qs=58c1f9e147db42cdbe58be57c52395ea8916cb9d929c9a7db1acb67170ec8aba187bcdc7... HTTP 302
    https://portal.prod.cu.edu/psc/epprod/UCD3/ENTP/s/WEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populat... HTTP 302
    https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&Ta... Page URL
  2. https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/fed/v1/idp/sso HTTP 302
    https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

1
Countries

6 kB
Transfer

5 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.communications.cu.edu/?qs=58c1f9e147db42cdbe58be57c52395ea8916cb9d929c9a7db1acb67170ec8aba187bcdc709c8cfa5e65705687a0bd5249aab58c888646533 HTTP 302
    https://portal.prod.cu.edu/psc/epprod/UCD3/ENTP/s/WEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm?form=Denver_Anschutz_Vaccine_Attestation_Form HTTP 302
    https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&TargetResource=https%3A%2F%2Fportal.prod.cu.edu%2Fpsc%2Fepprod%2FUCD3%2FENTP%2Fs%2FWEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm%3Fform%3DDenver_Anschutz_Vaccine_Attestation_Form Page URL
  2. https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/fed/v1/idp/sso HTTP 302
    https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.communications.cu.edu/?qs=58c1f9e147db42cdbe58be57c52395ea8916cb9d929c9a7db1acb67170ec8aba187bcdc709c8cfa5e65705687a0bd5249aab58c888646533 HTTP 302
  • https://portal.prod.cu.edu/psc/epprod/UCD3/ENTP/s/WEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm?form=Denver_Anschutz_Vaccine_Attestation_Form HTTP 302
  • https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&TargetResource=https%3A%2F%2Fportal.prod.cu.edu%2Fpsc%2Fepprod%2FUCD3%2FENTP%2Fs%2FWEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm%3Fform%3DDenver_Anschutz_Vaccine_Attestation_Form

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set startSSO.ping
ping.prod.cu.edu/idp/
Redirect Chain
  • https://click.communications.cu.edu/?qs=58c1f9e147db42cdbe58be57c52395ea8916cb9d929c9a7db1acb67170ec8aba187bcdc709c8cfa5e65705687a0bd5249aab58c888646533
  • https://portal.prod.cu.edu/psc/epprod/UCD3/ENTP/s/WEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm?form=Denver_Anschutz_Vaccine_Attestation_Form
  • https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&TargetResource=https%3A%2F%2Fportal.prod.cu.edu%2Fpsc%2Fepprod%2FUCD3%2FENTP%2Fs%2FWEBLIB_CU_EFORM...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&TargetResource=https%3A%2F%2Fportal.prod.cu.edu%2Fpsc%2Fepprod%2FUCD3%2FENTP%2Fs%2FWEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm%3Fform%3DDenver_Anschutz_Vaccine_Attestation_Form
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.228.70.154 Evergreen, United States, ASN62671 (UNIVERSITY-OF-COLORADO-SYSTEM, US),
Reverse DNS
ping-paz2.prod.cu.edu
Software
/
Resource Hash
3180545e4cd13a28ddff9a07d02d29c599927587db7d87b5fe6fc5a426c4e051
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
ping.prod.cu.edu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
sto-id-47873-iepprd_8443=HMAJBCKMPLCA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 19:34:07 GMT
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=hxmi3meYn7GMnKvZf0d5Bj;Path=/;Secure;HttpOnly;SameSite=None pingpersist-47873-pazpngprd_9031=GOCABCKMEHCD; Expires=Wed, 28-Jul-2021 20:34:07 GMT; Path=/
Content-Length
2913
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
X-UIS
AX active

Redirect headers

Cache-Control
no-cache
Date
Wed, 28 Jul 2021 19:34:06 GMT
Location
https://ping.prod.cu.edu/idp/startSSO.ping?PartnerSpId=SP:EnterprisePortal&IdpSelectorId=DenverIDP&TargetResource=https%3A%2F%2Fportal.prod.cu.edu%2Fpsc%2Fepprod%2FUCD3%2FENTP%2Fs%2FWEBLIB_CU_EFORM.ISCRIPT1.FieldFormula.IScript_Populate_eForm%3Fform%3DDenver_Anschutz_Vaccine_Attestation_Form
Content-Length
0
Content-Type
text/plain
Set-Cookie
sto-id-47873-iepprd_8443=HMAJBCKMPLCA; Domain=.prod.cu.edu; Expires=Thu, 29-Jul-2021 05:34:06 GMT; Path=/
Primary Request login
idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/
Redirect Chain
  • https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/fed/v1/idp/sso
  • https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.1.37.19 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Oracle Identity Cloud Service /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com
:scheme
https
:path
/sso/v1/user/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://ping.prod.cu.edu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ORA_OCIS_REQ_1=pMcU5kiHMjxK/c7C8IN5MB2T8gMbX1pKYxsaox+KoDL6ZuocFDynObUo6kvJPrCEEMqAWR1CX+n1VdjZ/e5thOYZ3D+yPCmtNo9MP3811Whd1c8WRYouqA7NvEwDZSQ4q6OTidQif/Dld04JzkkyJzzHQuxd6iR69xjbwz0tsmV6GR2Lcv1OsbaC+DovQq5BLJDRlXETrvCoc4Hqk+pUnNGl+wBU3H3OzW7tgSkd6duDP1bPDjr25EuoGp6QYPF8UQfuyL86stoh3sPGSUGVt+m3fSY8dfZQppJYKNXVOsU8LynJYBxlw/a7HtuvOjJxzTtz02ta9k4fZUjtLPopr2bovIitdJrl67wd1KPkgl1wXwscJeloMOkxFxWIkOvI1iUBOpnQwLAzBhPPjsYaNha8Zp2GwT/zhr4rAsNdF+2NcQy++Golcx/6+/I4iFGXvL4yiodeDTNBEHtKZuwdrPn0GkuL2JgD4+jS2VODc6zKKoa4l3hPPi81jnzlMZKPZV20RZ+YTBsnkxCpPD98kgjIBZMWA8G0e5Jkryd0XqXRXBbjRWtR4F4oMIhPA0uB7YIqAKVZcyQwF3GYBeplWWXYv4S2B7SiUZlw8hehvB1L+VsQBxGCmxolbd1aT0FbjXjCwfC/ZhNDbzelR4mrtH2m4MWXWFwpRJIIL98qpiurFQ9FAgRQeSyU07e95YOBAqyErc+a5wsxkpf9EiGjfA~QwS/C3mLRMdBu0kA75sfHthHOo4SHYWjLcfBEo4dtwU
Upgrade-Insecure-Requests
1
Origin
https://ping.prod.cu.edu
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ping.prod.cu.edu/

Response headers

cache-control
no-cache
content-type
text/html;charset=UTF-8
date
Wed, 28 Jul 2021 19:34:07 GMT
expires
Sat, 1 Jan 2005 12:00:01 GMT
pragma
no-cache
server
Oracle Identity Cloud Service
set-cookie
ORA_OCIS_REQ_1=DBw9nylttGExpwE0WX6gaSmX0N8bRBzAZ6uUVafQMNs171dzS/Tkp6e3M9Si9A+Y37UzvMnf2S1lGGDrwq9EG7IpARG6/zgwGDRlbWFA3M0eiKbckvsbfnK2ysWZsOUtZnRrykgW8WlbzZWCseyUB4PvXCKR+z0rkfXOW0nwwhJIKVojbjjassFZ6o0b0Ca5IlAtFo1z7cw/DIMPIO+EcsP26WliodvGpDwqgRPDQl1E2iMssUbRcvt06YQagOVTDk+RcpFkVFxHq41SuAZNQ353ny1sFuRwQLyw08U4c0byb8GiVHq7AN2zECt9SmWcsiTclY3HO84SjSpuvthaVehAHCxFA4nMnSbSfW8+AtqgbF3/2+1ks7xYHYuvY0Rkbcv9wJ+1gb48EXDRvKrkaUfY7F9EShfHoUpUZf1m5AbXCb30iJpl3FFI0K1Z73hsb+KtpZDSLQLqO7D64SadqR5ZyN9HFzoKPCEdOZ9bQvZrq5yhXRFLFdkdIXhl0IziIsl0cuN1tM1svNIQdh3AYayPqV7QS0nXgxKdtkeztIPELmtjAIpvrK8CVBw0rSqhObtU53pGjS4YpH4rLqTOdYG51hU0MSr8P6/5zJgItuUsClvlyNHVEXre+xAhYEabGn7NY54GIYYj/P+Wlcj9KxJxleu/O5TfUWVftIopAd0gBKfcXQ1XY2tsITQUQJg++uFHXxX4HgQ/p/fcO47D2A~Ccc06GjhZD5F2242EoYMXaaHDtZhJiC3V5Q7R1+8CBw;Version=1;Path=/;Secure;HttpOnly;SameSite=None
via
1.1 net-idcs-config
x-content-type-options
nosniff
x-oracle-dms-ecid
jrV0l0Q6E10000000
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
content-length
2436

Redirect headers

access-control-allow-methods
GET POST
access-control-allow-origin
https://ping.prod.cu.edu
cache-control
no-cache, no-store, must-revalidate
date
Wed, 28 Jul 2021 19:34:07 GMT
expires
Sat, 1 Jan 2005 12:00:01 GMT
location
https://idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com/sso/v1/user/login
pragma
no-cache
server
Oracle Identity Cloud Service
set-cookie
ORA_OCIS_REQ_1=pMcU5kiHMjxK/c7C8IN5MB2T8gMbX1pKYxsaox+KoDL6ZuocFDynObUo6kvJPrCEEMqAWR1CX+n1VdjZ/e5thOYZ3D+yPCmtNo9MP3811Whd1c8WRYouqA7NvEwDZSQ4q6OTidQif/Dld04JzkkyJzzHQuxd6iR69xjbwz0tsmV6GR2Lcv1OsbaC+DovQq5BLJDRlXETrvCoc4Hqk+pUnNGl+wBU3H3OzW7tgSkd6duDP1bPDjr25EuoGp6QYPF8UQfuyL86stoh3sPGSUGVt+m3fSY8dfZQppJYKNXVOsU8LynJYBxlw/a7HtuvOjJxzTtz02ta9k4fZUjtLPopr2bovIitdJrl67wd1KPkgl1wXwscJeloMOkxFxWIkOvI1iUBOpnQwLAzBhPPjsYaNha8Zp2GwT/zhr4rAsNdF+2NcQy++Golcx/6+/I4iFGXvL4yiodeDTNBEHtKZuwdrPn0GkuL2JgD4+jS2VODc6zKKoa4l3hPPi81jnzlMZKPZV20RZ+YTBsnkxCpPD98kgjIBZMWA8G0e5Jkryd0XqXRXBbjRWtR4F4oMIhPA0uB7YIqAKVZcyQwF3GYBeplWWXYv4S2B7SiUZlw8hehvB1L+VsQBxGCmxolbd1aT0FbjXjCwfC/ZhNDbzelR4mrtH2m4MWXWFwpRJIIL98qpiurFQ9FAgRQeSyU07e95YOBAqyErc+a5wsxkpf9EiGjfA~QwS/C3mLRMdBu0kA75sfHthHOo4SHYWjLcfBEo4dtwU;Version=1;Path=/;Secure;HttpOnly;SameSite=None
vary
Origin
via
1.1 net-idcs-config
x-content-type-options
nosniff
x-oracle-dms-ecid
HsTB91KeG10000000
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
content-length
0
/
login.ucdenver.edu/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.ucdenver.edu
URL
https://login.ucdenver.edu/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.communications.cu.edu
idcs-6dfbdd810afa4d509f6cfc191d612acd.identity.oraclecloud.com
login.ucdenver.edu
ping.prod.cu.edu
portal.prod.cu.edu
login.ucdenver.edu
13.111.229.121
138.1.37.19
204.228.68.23
204.228.70.154
3180545e4cd13a28ddff9a07d02d29c599927587db7d87b5fe6fc5a426c4e051