hcog.login.em2.oraclecloud.com
Open in
urlscan Pro
141.145.20.172
Public Scan
Effective URL: https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Submission Tags: falconsandbox
Submission: On December 23 via api from US — Scanned from GB
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 17th 2021. Valid for: a year.
This is the only time hcog.login.em2.oraclecloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 160.34.64.114 160.34.64.114 | 7160 (NETDYNAMICS) (NETDYNAMICS) | |
8 | 141.145.20.172 141.145.20.172 | 43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1) | |
11 | 2 |
ASN7160 (NETDYNAMICS, US)
PTR: vip-ldx-64-114.taleo.net
intertek.taleo.net |
ASN43898 (ORCL-AM-OPC1, SE)
PTR: am2-c2r304-sku2.login.em2.oraclecloud.com
hcog.login.em2.oraclecloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
oraclecloud.com
hcog.login.em2.oraclecloud.com |
33 KB |
3 |
taleo.net
intertek.taleo.net |
5 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
8 | hcog.login.em2.oraclecloud.com |
hcog.login.em2.oraclecloud.com
|
3 | intertek.taleo.net |
intertek.taleo.net
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
hcog.fa.em2.oraclecloud.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.taleo.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-29 - 2022-04-29 |
a year | crt.sh |
*.login.em2.oraclecloud.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-08-17 - 2022-08-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20
Frame ID: 4246BEF9B2751779B198ECAA00BFED00
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Sign InPage URL History Show full URLs
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Finter... Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek... Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://intertek.taleo.net/transition/index.jsf?lang=en Page URL
- https://intertek.taleo.net/smartorg/SamlInterSiteTransferService.jss?lang=en&TARGET=https%3A%2F%2Fintertek.taleo.net%2Ftransition%2Findex.jsf%3Flang%3Den Page URL
- https://intertek.taleo.net/smartorg/saml20authnrequestservlet.jss?redirectionURI=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den&TARGET=https%3A%2F%2Fintertek.taleo.net%2Fsmartorg%2FSamlInterSiteTransferService.jss%3Flang%3Den%26TARGET%3Dhttps%253A%252F%252Fintertek.taleo.net%252Ftransition%252Findex.jsf%253Flang%253Den Page URL
- https://hcog.login.em2.oraclecloud.com/oamfed/idp/samlv20 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
index.jsf
intertek.taleo.net/transition/ |
1 KB 978 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SamlInterSiteTransferService.jss
intertek.taleo.net/smartorg/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml20authnrequestservlet.jss
intertek.taleo.net/smartorg/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
samlv20
hcog.login.em2.oraclecloud.com/oamfed/idp/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate_rtl.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v6/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginTemplate.css
hcog.login.em2.oraclecloud.com/fusion_apps/global/v6/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v6/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
messages.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v6/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginJS.js
hcog.login.em2.oraclecloud.com/fusion_apps/global/v6/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Oracle_rgb_black.svg
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
909 B 1014 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
colorstrip_redwood_desktop.png
hcog.login.em2.oraclecloud.com/fusion_apps/global/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| antiClickjack string| currentPageLang undefined| isError string| OimOHSHostPort number| maxLogoutWaitTime object| callBackLocations string| redirectToPage string| abtProduct string| helpLinkHREF string| privacyPolicy undefined| copyRightTEXT string| appLogoIMAGE string| appNameTEXT string| appNameTEXT4Cloud string| appLogoWIDTH string| appLogoHEIGHT object| displayLangs string| registrationURL string| lostPasswordURL string| trackRegistrationURL boolean| hideRegLink boolean| hideLocaleSelect boolean| disableJSPopup number| maxAllowedInputSize boolean| isOIMLostPassword string| loginRedirectScript string| logoutRedirectScript string| postActionURL string| queryParamName number| maxImagesToLoad number| imagesLoaded object| multiDimArray object| emptyUserName object| emptyPassword object| logoutSuccess object| logoutFailed boolean| isNav4 boolean| isIE4 boolean| isNS6 boolean| showLang undefined| endURL string| backUrlParam undefined| undef function| detectBrowser function| checkForEnterKey function| logIn function| registerUser function| trackUserRegistration function| lostPassword function| onBodyLoad function| placeholderIsSupported function| autoCompleteOff function| localeSelect function| populateSimpleForm function| setCustomHeaderFooter function| incrLoadedImages function| loadLogoutImages function| waitAndRedirect function| checkIfEndURL function| checkIfQueryString function| setFocusOnElement function| Ajax function| getXMLHttpRequestObject function| send function| successCallback function| submitCreds function| submitform function| onClickSubmit function| callLanguageChange object| localeOption string| dispLang6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hcog.login.em2.oraclecloud.com/ | Name: OAM_JSESSIONID Value: 5CnoSaV-TxcnrO8irLkdvLvjymyXkdrDy5L6ToAh4Al-4tgjubc6!1012611251 |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_0 Value: VERSION_4~rufUm4vJDAHyhfgLp543GfyyjCrt81LGRGA%2fxn6Bk6kr8po%2bi%2bhUWq8Jduu%2bDTdh8xfsuDp1oYxXIKApntoTPqAOMIL8FcKLI%2fwBc8o4WedeFuUaNmtrRZIHwYePVNuH%2fyOedaS5%2fccS0aY3kph12pkXSUFhFrOHZ%2fnly3lT9U5PubTxkBtu0ZVegicLD%2f9BKKQFYmX9c6ejFW6F1oTD3CcFIsAa67huEgWWU0HYVRNoCPBE6%2beFUvq3YbTS4ifS3x0yEyDLOeX4ULmy4q6AYlXtLZWWrkSZpQB%2fXAEB9NpiY1OJHkQG7PLBDdRqfdJcWOlmqxVXpCcUogYWw4Znz2UP9%2bN3qhjmB33FArLEzjqHAQ8iG8KiGybpQe%2b84NDsyAluLILzzagXSrbKxVRtLrLjF1EKL1qrDozwMXn4NymtaAKrXLGhY08zJnyAsHpI27xd7n69n%2bt9HV9boI7xtc%2b14S39mRElO%2b28%2fekXfsoMyKw5pSu70SHjiJQiOzyqHJde4ZOm6LhjASg90gFdGOH93VjfDR%2bbbivSmXLeRqnMgpeD8D8j%2bN%2fv6GbvmagZ3whFZL%2faRWOYZUqL%2bNPs29PIrJSrsURAXkuICeSqfTAlojLKRoh91IPNSoiMuYfcmjpRoYyf%2fmL5yQPts5gqZmBSRmZmK%2bHehhb08jTGY4q10EpekZaLzFE5fTC1JZFUyvk0KtfaduOaDhC7lyZPGyt1v7uW1Bem%2bPIIFlyMxQrqQ4Y2UCctIaZTJcKxMk4p1KB3rOjHgwSQGfWD0eAPYmzFtgc5TrIfbTG%2bqZEP8KVGaVPZWzQQWNlX4oNMsa0VuAVmekAlLGN%2baFhuBLRoxJlFrCawUqqfcXd2Y1D7wxEeUzTzxmVCm6yGrIw%2fGQN9aDsucjOPNEjLOFRgIvx2X4CXw3GFLJP32VjDL7APUmDYWsWHhMycNEM9cdmXPajbwqy%2bzCfo2TKxgN3K2mOyVUjEniWf7EDmQ3IhqHboUD1TcfLfdycKt5dKtBzppgfGOGtDkYxGH5A%2f4owaRzd%2bMjI8pAFB6S3ZqhNmBJhrz2JHR0S%2f6krstrVeJhXruQPJxqJ4KMuQfl7NwfptJZUWiSSR1JuQH%2fWbC2rGT93ja%2biWXMJ72lGeS3bYd7%2fMTXoJt2x26pmvBbRORslg7JlKHW5msN572IAv8FXbFoothCpOLmjY9OfPxt2CHh9ETeKxVGNq%2baqNU%2fcBml0m1l1QS%2bnPRtzlI7E%2b%2bGeI5CokuCSpMsGy3RntIGSk053qH9qMVlWUoblS8cxhzjswggDtgL5gUFYCc3PJre7XQ7W9wHM%2fxQiH1f8pT3dYT0isTiBDB9NrNy%2bREhqFanKD90y%2fqifPSx%2ftC%2bg7t7PuUuueV0DwuXU4bu7nhKwLfVZ7wu6NP8D0Ds1j7F691IYv6k7JM%2bpmlElJ0lMWuCbxqNsdxJpeDXkyLNnEu21K9XI%2fA%2fZm2KsT%2b3J0yQP3LjL3O1rJO8Y0lutqhUt%2b7AJIJ7foVqCTLhOHXfmDH5aQRrZMpbohfzwK56pk7e4xivB%2fIV7%2fenEOCdMoadBJJwqVQZ3hIezEEDfkOlWRQr0oMb44%2f%2bvYsuDoU1hADtL6nOaoZ8idqDW5i37CJ3s3OZDPpRFBSgqETHIJmRd5erDIa8knVaNqz1TXW3c%2fnS%2bHlNeu3YANhgQqzC%2fsoyfsSnsMEwWhhsazgxk5tKJL8pfir1g85Q%2f3AzeD40FvL3JpQ6pGXecULp%2bzoW1d%2bwFsAg%2bG6ZjSGP1A3ITGS68z7Z%2bLBCs1UdbT3nHc2kUnYvEiHNp%2bfwBwZSl2P6fdHDtYzLV1CnQB1RKttaZXFuSmGbW7EdFiHni%2bW8uOgYHwYpnelHLGapNVM13zhKgSydzWrGZQK5f29CCYC9kNiQrH9idbE7E3%2fdpxeCu8ghzF9jyE4ryEBxXNNd6gGvCPKEZCstXe0kU8fAONDEYquqJ5rHlUsfsIS9xkwtIp3yscMibATyX7yIlB207tKeh7nS%2fnD2CY7eISFvgxJuY1Y1o3pVPTtQeLg9SctfUz5SGEvslzaS%2fgFu3%2fBVXLey0pfSk5vjcQiXYCAraCvnpcW3afeKQ2iu7ujTPxL8WbkgF4FLu7ELDhbe7fwBsSbkOp5fnN7O49DeukJss9iK%2ftXwO2nYLy%2flMzYagZ67Xva4N5Y52CWqpohqGPPhcPq10PFxkE0M8UxANe%2boA%3d |
|
hcog.login.em2.oraclecloud.com/ | Name: OAM_REQ_COUNT Value: VERSION_4~1 |
|
hcog.login.em2.oraclecloud.com/ | Name: ECID-Context Value: 1.005oxDVf^neEOP9pRcs1yd0003DO00060Z@kXiglfCWn5MK9QJBjHPRaLOPj9OPkVBSXTORqICC0ZJOoOTLkKPOoLRKlSODoITT_G |
|
hcog.login.em2.oraclecloud.com/ | Name: JSESSIONID Value: DCvoSaWDz0UVCqZgCCN49P79lOAhqPqWOKhSLoGp9PfwVD1RPwnW!1012611251 |
|
.oraclecloud.com/ | Name: ORA_FUSION_PREFS Value: v1.0~bG9jYWxlPWVuLXVzfmRlZmF1bHRMYW5ndWFnZU1hcmtlcj1mYWxzZX5wcmVmZXJyZWRMYW5ndWFnZT1lbi11cw== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hcog.login.em2.oraclecloud.com
intertek.taleo.net
141.145.20.172
160.34.64.114
299a7e8b67d6cbb1439915fd27e2730ca1705bd1d920cd0e693e1d7d79ede145
457584adfe22849c8942110560cb2cab2aaa3d7f8fe3521b4c43fca37b8b3d3b
5d87cda2384eee41a274f423948891bb6e993d0d73a1391b2a227eb0b98182b3
60589036acc5c99b8041699dfb24e6bcdc17c5b4bc6eb140d066b415853d9ebb
6cc1d89f1946daa96edc0e9703d66e6fa79c7bea2c9ad921c54d14f7ea498648
88069c060075cb8ef831832cbff46770274255475bf941af8b7fee71ebff75ba
8a2488402c4ceca6896516f6f47f40ce90685016d06ae0a667b75065b52457c2
c1cc54d0b21a685008f6643fb3a4ba93090a5efb65a4b1906c3ebbee6feb7271
c3ba701db3679afbb2bf9a629b1f78bcd1dc47f53dcd6d91b302a84688977a2f
cdad4b09e5e44007bc3ed972a73bf806bcc70aeacd29c38efb8385315046f86c
f8ddc7fa3b7dd5a0c10897c4dc49cde5a033767c3ef47d12207d4873ad98b8ba