hcog.login.em2.oraclecloud.com
Open in
urlscan Pro
141.145.20.172
Public Scan
Effective URL: https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Submission Tags: falconsandbox
Submission: On January 31 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 4th 2020. Valid for: a year.
This is the only time hcog.login.em2.oraclecloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 160.34.64.114 160.34.64.114 | 7160 (NETDYNAMICS) (NETDYNAMICS) | |
8 | 141.145.20.172 141.145.20.172 | 43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1) | |
11 | 2 |
ASN7160 (NETDYNAMICS, US)
PTR: vip-ldx-64-114.taleo.net
intertek.taleo.net |
ASN43898 (ORCL-AM-OPC1, SE)
PTR: am2-c2r304-sku2.login.em2.oraclecloud.com
hcog.login.em2.oraclecloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
oraclecloud.com
hcog.login.em2.oraclecloud.com |
50 KB |
3 |
taleo.net
intertek.taleo.net |
5 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
8 | hcog.login.em2.oraclecloud.com |
hcog.login.em2.oraclecloud.com
|
3 | intertek.taleo.net |
intertek.taleo.net
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
hcog.fa.em2.oraclecloud.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.taleo.net DigiCert SHA2 Secure Server CA |
2020-01-28 - 2021-04-28 |
a year | crt.sh |
*.login.em2.oraclecloud.com DigiCert SHA2 Secure Server CA |
2020-08-04 - 2021-08-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Frame ID: E5232362EF1D9B4EAEFA4D265E6FA2DF
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Finter... Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek... Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Fintertek.taleo.net%2Ftransition%2Findex.jsf%3Flang%3Den Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den&TARGET=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
index.jsf
intertek.taleo.net/transition/ |
1 KB 978 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SamlInterSiteTransferService.jss
intertek.taleo.net/smartorg/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml20authnrequestservlet.jss
intertek.taleo.net/smartorg/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
Cookie set
samlv20
hcog.login.em2.oraclecloud.com/oamfed/idp/ |
7 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate_rtl.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
messages.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginJS.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v3/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mcs_login_324.png
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OracleLogo.png
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| antiClickjack string| currentPageLang undefined| isError string| OimOHSHostPort number| maxLogoutWaitTime object| callBackLocations string| redirectToPage string| abtProduct string| helpLinkHREF string| privacyPolicy undefined| copyRightTEXT string| appLogoIMAGE string| appNameTEXT string| appNameTEXT4Cloud string| appLogoWIDTH string| appLogoHEIGHT object| displayLangs string| registrationURL string| lostPasswordURL string| trackRegistrationURL boolean| hideRegLink boolean| hideLocaleSelect boolean| disableJSPopup number| maxAllowedInputSize boolean| isOIMLostPassword string| loginRedirectScript string| logoutRedirectScript string| postActionURL string| queryParamName number| maxImagesToLoad number| imagesLoaded object| multiDimArray object| emptyUserName object| emptyPassword object| logoutSuccess object| logoutFailed boolean| isNav4 boolean| isIE4 boolean| isNS6 boolean| showLang undefined| endURL string| backUrlParam undefined| undef function| detectBrowser function| checkForEnterKey function| logIn function| registerUser function| trackUserRegistration function| lostPassword function| onBodyLoad function| placeholderIsSupported function| autoCompleteOff function| localeSelect function| populateSimpleForm function| setCustomHeaderFooter function| incrLoadedImages function| loadLogoutImages function| waitAndRedirect function| checkIfEndURL function| checkIfQueryString function| setFocusOnElement function| Ajax function| getXMLHttpRequestObject function| send function| successCallback function| submitCreds function| submitform function| onClickSubmit function| callLanguageChange object| localeOption string| dispLang6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.oraclecloud.com/ | Name: ORA_FUSION_PREFS Value: v1.0~bG9jYWxlPWVuLXVzfmRlZmF1bHRMYW5ndWFnZU1hcmtlcj1mYWxzZX5wcmVmZXJyZWRMYW5ndWFnZT1lbi11cw== |
|
hcog.login.em2.oraclecloud.com/ | Name: ECID-Context Value: 1.005iYw6KkgFEOP9pRct1id0003dW0003Rv@kXjglfCWn5MK9QJBjHPRaLOPj9OPkVBSXTORqICC0ZJOoOTLkKPOoLRKlSODoITT_G |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_COUNT Value: VERSION_4~1 |
|
hcog.login.em2.oraclecloud.com/ | Name: JSESSIONID Value: PhFX0Hfe4OKqP6pgFzk5xH4n0AueMluJzYVWjLK9xfenvexrhc4m!-1557394952 |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_0 Value: VERSION_4~zXv0wvtWy5m6VJ1Myz1c7CjrrM8VP1LKOrD1OxfsTx93u0RHMFdZOlPX%2fyJvyL5pqTYxsISKBJBiIdE%2bUe%2fX9pFQDVRRiPgNlkFTukl4o7CV4DvkJU64fOKyWZPAuXUBvVlkgCwT6NtfVCyy1Dh4KCwZnK4L5oOfI6F2wjuox3OXLHzr0g7R9uxVjKtI5rC0A4BBQPjFDDptdTOe4IHwidiD93X%2fHcKY9%2beLw%2fST6ZCO7d1P0yeWf4SYFdH6a%2fKwthUB6jpaquBBcScB%2b0OgWuY40reeu%2f7Cs0N0G0p9OTJHVQT%2bfH6AXEwpth44jNo2eaoybF6objW2Tq%2bY4dUvga7CILvkxfDi1dqv%2bPlE7Ajbund%2bcRZaE02YQi3ei5lllVWCVaAUUR76SiAyyu5UpkT2dmp2p2bZCQ%2bzAKC9EJNOxVR2WBZs6EoWKbVLNGfpg7rTbGYz7n%2fgB4OXYLl5k3rb5Yiqg5TqkjK8sQY9lPB2JH8UNGsOtjCzzUEr8qm5y27oJhaKzRmSJiB%2bOh4ZBeRz0tz2yCiya2vTEZslFn0m1A7c9m53Z482vwssUe8nnt4r1k69IPphKs5tyB5DuY5O5LoIIn1BiwpGwdaTaxvl4y43m4xu7LozycSC1qxr2F17w4gw%2bwE6KCx91gRpaW5KxHNUXYyo7dc19dgqANZV%2fNTqGxRML3qTLRG5f1dM3LiO8yGbcGuKRij8iQcS0y3cRb5zvT6YnBovj%2f3A0rydh8JT7ZAiHdStSipuD1pFeiCYVwj6jP%2bx1%2b8Q9VvcHu0e0URCsWVyFMc5dUEi9MSegovtcBGi%2b7sYh%2bUDhqIZUl%2b45BiJIN%2bXjvqx7%2fiMTIL5dL%2fKxH29JjaOej86d5sVNp6D6eK1zo3szuPp1FZUCme4bAp%2fBl2qNeVFpmYd%2fJRpkipyB7wM4jsSDXt6CfwqzfUcmb8zP%2bRLebbbv6damZns%2fV24j5FhpGBsv6QkzwTIm2a%2fP%2bzzLnS10E1VamZZO3NNNAOsmYfNvHa2Gu3dv7qv7EZ%2fr9mqv8xCXDVqEWgnMNSekKx4GaczrKDrQemwm%2bLhx%2biSC9imZxso9GwjXaNuESeJPPbd42%2bxFmSu3mdw9GHHlmv0JEGyAr%2fcrUwXGU4yIz%2fiPRicWxWMkOY1T8FyZLQ99nbA8CTyPi%2bnhiHeX9b9D%2b03sskAI9Stemav57K0y2VMOabza7YLAy5Gwvpli9eULg%2bBYOCvAt6w1S%2fUEAH4PzLzpLhGg8HDM7he6Xxklm23k0yqkRCRJ32LJFUYEF%2fEmcXdKs1bLNHsD9uQaSeHRd8Yf0Xb1TUAZx06IxfBpIm61raVBZmAfEOaFpwMmkbgE9mm5paaeJqRLbeLE9Pv%2fXZs667LszyycO7EDLOqbYmF2Y7yI%2ffUGLAlUL6TEI12UCZD9owIy%2fUiQMQLjns7CndpbduoZTWFQcZ1tugofVWfVubKAu24Inn%2fn%2fkXiSyqLOm5eZM6uXqwnT3mUPi0HMimWuassa%2bLNzNhq3VLz8LuBa9sGrYCIlnE3XzUw4DzUncK5Q5%2fu4AjNJLif7JTmBnl%2bpRs8SVEZGOdpKuW%2fgc6dC1%2briPJlKCBWztiJKjp7u8j4k7imRaPhDuA36Vp6OcuulHayVoRf5091t3t5s0svEIXt7VBDMlKryRowCkVPneCLpauDj129buBCT9qyM0o6XfvaCac25O8IYMUVVC3r7KKmx3gkF4qMJxTE6wjs8ID%2fqzRwEMgqpeup9UoRpg2Wt4NYJo9P6VsVOvIkbYNgkiJcTJ3ztejAZfY%2f5vkYWE4ANqeBIk7aVPDJFDC65QNcUt3BhRsp1saL3HTMo1DNLFEmsoT3dXVtSBtpU9tCQ8Gsy30t9EDG7izCrnB7j2LAB4AW9F3Tz89uk3rTt0XoslrQFip9zFdbMmlSUjFOH4JP6gPDk0QQhlnhU%2bULQztsVVGjmqx6fERNf%2bG2YpzTB66GaBIT578tv9SkzE0fVzV%2bOCOfPRVBLOiSnbJz%2f6bPOGiPXOo7CPvme1oA9pIUtIFu3VKIqycbhyxZ4WZEiPfL%2bDGYLL2jKx5Rwc%2bCHl2Icvmrox4vhxf2NVTkrhUjW1fLc8NJfyNG6dzZ35fovERX4%2f2ckqHtawBCJl7MLv%2bRk8F1Hs%2fUak%2fJl9yPi315LRzVIRtUoo1 |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_JSESSIONID Value: OrdX0HfZaCD3KK-5f3f2rDQfC49f7YQ7WxT-F-iAKZidDmwAX7KY!-1557394952 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hcog.login.em2.oraclecloud.com
intertek.taleo.net
141.145.20.172
160.34.64.114
299a7e8b67d6cbb1439915fd27e2730ca1705bd1d920cd0e693e1d7d79ede145
457584adfe22849c8942110560cb2cab2aaa3d7f8fe3521b4c43fca37b8b3d3b
94af3b10c809c58d4fd572f0512988f50e57fc22ad097f1e541dcc67703bc05e
a0ab7a1b13100dccb29bb6775b1b3498e7a507aa73476ea0448fb666a25e51c1
b633e593eb72343af63f6ba577def0373a9a54d1916e603a576938966f56182b
b9f0a696e18cba72d2460283005a81bad20f9f7882814d12e97777588221142d
c3ba701db3679afbb2bf9a629b1f78bcd1dc47f53dcd6d91b302a84688977a2f
d1aa17f2f90694956b9bf51d572e2778c00680210847e26efb4aa17afcae5651
d9ca91cc087882192f440ecb53bb54949d0fdd0f76bd994c6276993af5948f22
dfd299149513376d6f36c833865cce31619d41b2f40196c0927d19b2d6e40c24
f8ddc7fa3b7dd5a0c10897c4dc49cde5a033767c3ef47d12207d4873ad98b8ba