login.skystem.com
209.134.48.70
Public Scan
Effective URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Submission: On October 19 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on October 15th 2020. Valid for: a year.
This is the only time login.skystem.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
17 (4 redirects) | 209.134.48.70 | 11734 (CONNECTRIA-ASN-1) |
1 | 172.217.16.138 | 15169 (GOOGLE) |
5 | 142.250.185.163 | 15169 (GOOGLE) |
2 | 63.33.186.64 | 16509 (AMAZON-02) |
21 | 4 | |
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
seal.digicert.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 (4 redirects) | skystem.com | login.skystem.com | 690 KB |
5 | gstatic.com | fonts.gstatic.com | 78 KB |
2 | digicert.com | seal.digicert.com | 9 KB |
1 | googleapis.com | fonts.googleapis.com | 2 KB |
21 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
17 (4 redirects) | login.skystem.com | login.skystem.com |
5 | fonts.gstatic.com | fonts.googleapis.com |
2 | seal.digicert.com | login.skystem.com |
1 | fonts.googleapis.com | login.skystem.com |
21 | 4 | |
This site contains links to these domains.
Domain |
---|
skystem.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
login.skystem.com | GeoTrust EV RSA CA 2018 | 2020-10-15 - 2021-11-15 | a year |
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
seal.digicert.com | DigiCert SHA2 Secure Server CA | 2020-03-30 - 2022-06-03 | 2 years |
This page contains 1 frame:
Primary Page:
https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Frame ID: 727F4F08F140368D13411A3DD61AD945
Requests: 21 HTTP requests in this frame
Page Title
ART User Login
Page URL History
- https://login.skystem.com/ HTTP 302
- https://login.skystem.com/ART/login/ HTTP 302
- https://login.skystem.com/ARTAuth/Saml/SSO?SAMLRequest=fZLLTsMwFER%2FJfLeefVFrCZSaIWIVGjUBBZskOM6rUViB... HTTP 302
- https://login.skystem.com/ARTAuth/Saml/SSOComplete HTTP 302
- https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Enroll in Genius Academy
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | Login (Primary Request; Cookie set; Redirect Chain) | login.skystem.com/ARTAuth/Account/ | 8 KB | 9 KB | Document | text/html |
GET H/1.1 | bootstrap.min.css | login.skystem.com/ARTAuth/Content/css/ | 118 KB | 119 KB | Stylesheet | text/css |
GET H/1.1 | jquery.bxslider.min.css | login.skystem.com/ARTAuth/Content/css/ | 3 KB | 3 KB | Stylesheet | text/css |
GET H/1.1 | font-awesome.min.css | login.skystem.com/ARTAuth/Content/css/ | 28 KB | 29 KB | Stylesheet | text/css |
GET H/1.1 | site.css | login.skystem.com/ARTAuth/Content/css/ | 5 KB | 5 KB | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 12 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | logo.svg | login.skystem.com/ARTAuth/Content/images/ | 9 KB | 9 KB | Image | image/svg+xml |
GET H/1.1 | jquery.min.js | login.skystem.com/ARTAuth/Content/js/ | 84 KB | 85 KB | Script | application/javascript |
GET H/1.1 | jquery.bxslider.min.js | login.skystem.com/ARTAuth/Content/js/ | 23 KB | 23 KB | Script | application/javascript |
GET H/1.1 | site.js | login.skystem.com/ARTAuth/Content/js/ | 3 KB | 3 KB | Script | application/javascript |
GET H/1.1 | background.jpg | login.skystem.com/ARTAuth/Content/images/ | 198 KB | 198 KB | Image | image/jpeg |
GET H/1.1 | skystem_img_3.jpg | login.skystem.com/ARTAuth/Content/images/ | 126 KB | 126 KB | Image | image/jpeg |
GET H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v29/ | 16 KB | 16 KB | Font | font/woff2 |
GET H2 | KFOlCnqEu92Fr1MmYUtfBBc4.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 15 KB | Font | font/woff2 |
GET H2 | KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 15 KB | Font | font/woff2 |
GET H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 16 KB | Font | font/woff2 |
GET H/1.1 | fontawesome-webfont.woff2 | login.skystem.com/ARTAuth/Content/fonts/ | 70 KB | 70 KB | Font | application/font-woff2 |
GET H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 15 KB | Font | font/woff2 |
GET H/1.1 | seal.min.js | seal.digicert.com/seals/cascade/ | 7 KB | 4 KB | Script | application/javascript |
GET H/1.1 | bx_loader.gif | login.skystem.com/ARTAuth/Content/css/images/ | 8 KB | 9 KB | Image | image/gif |
GET H/1.1 | / | seal.digicert.com/seals/cascade/ | 5 KB | 6 KB | Image | image/png |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- boolean| originAgentCluster
- function| $
- function| jQuery
- object| __dcid
- object| __Cascade
- string| prop4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.skystem.com/ | | Name: ASP.NET_SessionId Value: 0jyc4zjyuzsrzcuvswieubii |
login.skystem.com/ | | Name: SAML_SessionId Value: 1133fb2a-33e0-4d83-9041-571e65444146 |
login.skystem.com/ | | Name: waf_cookie Value: rs2\|YW8/d |
login.skystem.com/ | | Name: __RequestVerificationToken_L0FSVEF1dGg1 Value: tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.