login.skystem.com Open in urlscan Pro
209.134.48.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.skystem.com/
Effective URL:
https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Submission: On October 19 via automatic, source certstream-suspicious (October 19th 2021, 9:53:36 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 209.134.48.70, located in Ballwin, United States and belongs to CONNECTRIA-ASN-1, US. The main domain is login.skystem.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on October 15th 2020. Valid for: a year.

This is the only time login.skystem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 17	209.134.48.70 209.134.48.70	11734 (CONNECTRI...) (CONNECTRIA-ASN-1)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
5	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	63.33.186.64 63.33.186.64	16509 (AMAZON-02) (AMAZON-02)
21	4

17 209.134.48.70 (Ballwin, United States) 4 redirects

ASN11734 (CONNECTRIA-ASN-1, US)

login.skystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	skystem.com 4 redirects login.skystem.com	690 KB
5	gstatic.com fonts.gstatic.com	78 KB
2	digicert.com seal.digicert.com	9 KB
1	googleapis.com fonts.googleapis.com	2 KB
21	4

	Domain	Requested by
17	login.skystem.com	4 redirects login.skystem.com
5	fonts.gstatic.com	fonts.googleapis.com
2	seal.digicert.com	login.skystem.com
1	fonts.googleapis.com	login.skystem.com
21	4

This site contains links to these domains. Also see Links.

Domain
skystem.com

Subject Issuer	Validity	Valid
login.skystem.com GeoTrust EV RSA CA 2018	`2020-10-15` - `2021-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
seal.digicert.com DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-06-03`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Frame ID: 727F4F08F140368D13411A3DD61AD945
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ART User Login

Page URL History Show full URLs

https://login.skystem.com/ HTTP 302
https://login.skystem.com/ART/login/ HTTP 302
https://login.skystem.com/ARTAuth/Saml/SSO?SAMLRequest=fZLLTsMwFER%2FJfLeefVFrCZSaIWIVGjUBBZskOM6rUViB... HTTP 302
https://login.skystem.com/ARTAuth/Saml/SSOComplete HTTP 302
https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

776 kB
Transfer

786 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://skystem.com/

Search URL Search Domain Scan URL

URL: http://skystem.com/genius-academy/
Title: Enroll in Genius Academy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.skystem.com/ HTTP 302
https://login.skystem.com/ART/login/ HTTP 302
https://login.skystem.com/ARTAuth/Saml/SSO?SAMLRequest=fZLLTsMwFER%2FJfLeefVFrCZSaIWIVGjUBBZskOM6rUViB1%2Bn0L8nDxBlQbejmTtHo7sEWlcNiVtzlDv%2B3nIwVrIO0evCLebFwgswZWyOp%2B68xMGkKPGscEt%2FGrDSm%2FnIeuYahJIh8m0XWQlAyxMJhkrTSa7vYc%2FFXpD7HplNyMS1bxbBC7LWXYuQ1AzJozENEMep1EFIG97OYHhtM1U78S7vuZysQ3SybIusO6UZH1hDZHTL%2B8qUAogTD1FJK%2BiUVCujmKpuhdwLeQhRqyVRFAQQSWsOxDCSxQ8b0iGTYjQBuc%2FzFKfbLEdWDMB1z7ZSEtqa64zrk2D8abcJUQ%2Fl0KYZoeJVhqzPupJAhh2vlzXfZCha9m4yzKUv8tfj9IcLRVc3WzoX18eqhjx255J1qirBzv2MNTX%2Ft3m2Nyhij8vBSloJDWeiFHzfDVRV6mOlOTW%2FqzvRWPv3laIv&RelayState=%7E%2Fapp%2Fhome&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=SyHoWTTMGlswPBCyPnQOsCmD3xoCYy2gpisQBZ6LXw4rhHTIXQfjGoqjVX%2FDs7JwvezeRB0xOnTZETxhdF00V65NBq7ViMY%2Bt%2BEb4HnNsMP%2BKfog5WZyIXV2PAHyq0Ku76yA73cOGXRjda4WeeMksvuU%2B33s2k7xv%2FGGmXnhCXSe%2Bj7hPTUb5rWWL82va0gpHmT7Z3jnSHXpn4tbq8CY3brLrE%2F6yCHmyzBkDSm7bwg1olsTtYI%2FfjX6ois%2FG%2FYYgwmsxkRbFBHFf5CjN0ZgoKPNYbyy4x1G%2FZmsH%2B8CtEoSEFg5NSRmuIOnpmr8p7UF%2Fh%2BMOKL8W4y5VYAPCRco7w%3D%3D HTTP 302
https://login.skystem.com/ARTAuth/Saml/SSOComplete HTTP 302
https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Login Show response
login.skystem.com/ARTAuth/Account/
Redirect Chain

https://login.skystem.com/
https://login.skystem.com/ART/login/
https://login.skystem.com/ARTAuth/Saml/SSO?SAMLRequest=fZLLTsMwFER%2FJfLeefVFrCZSaIWIVGjUBBZskOM6rUViB1%2Bn0L8nDxBlQbejmTtHo7sEWlcNiVtzlDv%2B3nIwVrIO0evCLebFwgswZWyOp%2B68xMGkKPGscEt%2FGrDSm%2FnIeu...
https://login.skystem.com/ARTAuth/Saml/SSOComplete
https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete

8 KB
9 KB

142ms
142ms

Document
text/html

209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL

https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),

Reverse DNS

Software

Resource Hash

471f43b99a9f0b5bc1fbe8bab992f9179a5ae9dfa6122186a2434d66b4d5910e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: login.skystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
X-AspNetMvc-Version: 5.2
X-Frame-Options: SAMEORIGIN
Set-Cookie: __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1; path=/; HttpOnly
Date: Tue, 19 Oct 2021 21:53:31 GMT
Content-Length: 8677

Redirect headers

Cache-Control: private
Location: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
X-AspNetMvc-Version: 5.2
Date: Tue, 19 Oct 2021 21:53:31 GMT
Content-Length: 0

GET
H/1.1 200
OK bootstrap.min.css
login.skystem.com/ARTAuth/Content/css/ 118 KB
119 KB 119ms
119ms Stylesheet
text/css 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/css/bootstrap.min.css
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 121205
Content-Type: text/css

GET
H/1.1 200
OK jquery.bxslider.min.css
login.skystem.com/ARTAuth/Content/css/ 3 KB
3 KB 365ms
133ms Stylesheet
text/css 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/css/jquery.bxslider.min.css
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: b346d8f2bcb2a433dd1ed7a0e1e39d7c3809405cb13917e013b750bb120b5cc5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 3199
Content-Type: text/css

GET
H/1.1 200
OK font-awesome.min.css
login.skystem.com/ARTAuth/Content/css/ 28 KB
29 KB 375ms
142ms Stylesheet
text/css 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/css/font-awesome.min.css
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 29067
Content-Type: text/css

GET
H/1.1 200
OK site.css
login.skystem.com/ARTAuth/Content/css/ 5 KB
5 KB 377ms
137ms Stylesheet
text/css 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/css/site.css
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: a8febf0c932b87b778be216a6e7271908a1087dde486dd62cb7104eae6d490dc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 4811
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 38ms
16ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 20:34:52 GMT
server: ESF
date: Tue, 19 Oct 2021 21:53:31 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 19 Oct 2021 21:53:31 GMT

GET
H/1.1 200
OK logo.svg
login.skystem.com/ARTAuth/Content/images/ 9 KB
9 KB 119ms
117ms Image
image/svg+xml 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.skystem.com/ARTAuth/Content/images/logo.svg
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: ba7c3db1fd4e16eead15d9b1aaeaa01a09fd1d7a9d948039df58b6d06c1f5e87

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 9310
Content-Type: image/svg+xml

GET
H/1.1 200
OK jquery.min.js Show response
login.skystem.com/ARTAuth/Content/js/ 84 KB
85 KB 377ms
136ms Script
application/javascript 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/js/jquery.min.js
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 86355
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
login.skystem.com/ARTAuth/Content/js/ 23 KB
23 KB 378ms
131ms Script
application/javascript 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/js/jquery.bxslider.min.js
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 1a477af5c341564ba5605593f5e57fef823568fc97c4d7eeca5fa27d0b2adaab

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 23639
Content-Type: application/javascript

GET
H/1.1 200
OK site.js Show response
login.skystem.com/ARTAuth/Content/js/ 3 KB
3 KB 117ms
117ms Script
application/javascript 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/js/site.js
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 561ef3405ace64673ee7fc6ed03a365718652339bdff50cc0e3aa2e790cecacd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:31 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 2715
Content-Type: application/javascript

GET
H/1.1 200
OK background.jpg
login.skystem.com/ARTAuth/Content/images/ 198 KB
198 KB 122ms
121ms Image
image/jpeg 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.skystem.com/ARTAuth/Content/images/background.jpg
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Content/css/site.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 5ba9d069e255dc4e181ae5fc434a6100521b551047ed6d8bd665e7eb175e0a25

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://login.skystem.com/ARTAuth/Content/css/site.css
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Content/css/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:32 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 202651
Content-Type: image/jpeg

GET
H/1.1 200
OK skystem_img_3.jpg
login.skystem.com/ARTAuth/Content/images/ 126 KB
126 KB 120ms
120ms Image
image/jpeg 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.skystem.com/ARTAuth/Content/images/skystem_img_3.jpg
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: d657e60c9f588c9b05bb895fb48f83952e3f158daab08f3b1a598440715d4dc6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:32 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 128947
Content-Type: image/jpeg

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 39ms
16ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:43 GMT
x-content-type-options: nosniff
age: 537709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 37ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:35:54 GMT
x-content-type-options: nosniff
age: 537458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:35:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 40ms
18ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 14:59:32 GMT
x-content-type-options: nosniff
age: 197640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 14:59:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 29ms
7ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 537712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:40 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
login.skystem.com/ARTAuth/Content/fonts/ 70 KB
70 KB 123ms
122ms Font
application/font-woff2 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://login.skystem.com/ARTAuth/Content/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Content/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://login.skystem.com
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://login.skystem.com/ARTAuth/Content/css/font-awesome.min.css
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Referer: https://login.skystem.com/ARTAuth/Content/css/font-awesome.min.css
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:32 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 71896
Content-Type: application/font-woff2

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 31ms
10ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 102355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 7 KB
4 KB 477ms
404ms Script
application/javascript 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Account/Login?ReturnUrl=%2FARTAuth%2FSaml%2FSSOComplete

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 17:42:28 GMT
Server: nginx
ETag: W/"1df4-5ceb82f64e900"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK bx_loader.gif
login.skystem.com/ARTAuth/Content/css/images/ 8 KB
9 KB 123ms
122ms Image
image/gif 209.134.48.70
CONNECTRIA-ASN-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.skystem.com/ARTAuth/Content/css/images/bx_loader.gif
Requested by: Host: login.skystem.com
URL: https://login.skystem.com/ARTAuth/Content/css/jquery.bxslider.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.134.48.70 Ballwin, United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software: /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.skystem.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://login.skystem.com/ARTAuth/Content/css/jquery.bxslider.min.css
Cookie: ASP.NET_SessionId=0jyc4zjyuzsrzcuvswieubii; SAML_SessionId=1133fb2a-33e0-4d83-9041-571e65444146; waf_cookie=rs2|YW8/d; __RequestVerificationToken_L0FSVEF1dGg1=tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/ARTAuth/Content/css/jquery.bxslider.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:32 GMT
Last-Modified: Mon, 26 Jul 2021 16:50:20 GMT
Accept-Ranges: bytes
ETag: "0eea3513e82d71:0"
Content-Length: 8581
Content-Type: image/gif

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 5 KB
6 KB 428ms
428ms Image
image/png 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=jjmQKE7y&referer=login.skystem.com&format=png&an=min

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f59452adef33e8372b30d54f47eaa060c3f58a821e7f06b263c78b775444906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.skystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 21:53:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 00:00:00 +0000
Server: nginx
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-control: max-age=86400
Connection: keep-alive
Content-Length: 5358
X-XSS-Protection: 1; mode=block, 1; mode=block
Expires: Wed, 20 Oct 2021 21:53:33 +0000

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.skystem.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0jyc4zjyuzsrzcuvswieubii
login.skystem.com/	1969-12-31 23:59:59	Name: SAML_SessionId Value: 1133fb2a-33e0-4d83-9041-571e65444146
login.skystem.com/	1969-12-31 23:59:59	Name: waf_cookie Value: rs2\|YW8/d
login.skystem.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L0FSVEF1dGg1 Value: tGJzLijbJmZH8hS3Qo2eCPnBK4Sh7rTPEZNXDGcL-J22a4JsMpfLniTZQPtyDZ_-y6uiyj2Xg1xICxmJCok4dn_g-iz4trxEqnwTog0nIRI1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.skystem.com
seal.digicert.com
142.250.185.163
172.217.16.138
209.134.48.70
63.33.186.64
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1a477af5c341564ba5605593f5e57fef823568fc97c4d7eeca5fa27d0b2adaab
277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14
28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
471f43b99a9f0b5bc1fbe8bab992f9179a5ae9dfa6122186a2434d66b4d5910e
561ef3405ace64673ee7fc6ed03a365718652339bdff50cc0e3aa2e790cecacd
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5ba9d069e255dc4e181ae5fc434a6100521b551047ed6d8bd665e7eb175e0a25
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
a8febf0c932b87b778be216a6e7271908a1087dde486dd62cb7104eae6d490dc
b346d8f2bcb2a433dd1ed7a0e1e39d7c3809405cb13917e013b750bb120b5cc5
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
ba7c3db1fd4e16eead15d9b1aaeaa01a09fd1d7a9d948039df58b6d06c1f5e87
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d657e60c9f588c9b05bb895fb48f83952e3f158daab08f3b1a598440715d4dc6
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
f59452adef33e8372b30d54f47eaa060c3f58a821e7f06b263c78b775444906b

login.skystem.com Open in urlscan Pro 209.134.48.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

776 kBTransfer

786 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

login.skystem.com Open in urlscan Pro
209.134.48.70 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

776 kB
Transfer

786 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions