urlscan.io logo urlscan.io
SecurityTrails logo

bobcard.skilliq.co Open in urlscan Pro
216.48.190.56  Public Scan

Go To Rescan Add Verdict Report
URL: https://bobcard.skilliq.co/
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 216.48.190.56, located in India and belongs to E2E-NETWORKS-IN 282, Sector 19, IN. The main domain is bobcard.skilliq.co.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.
This is the only time bobcard.skilliq.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    216.48.190.56 (India)

ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN)
PTR: e2e-107-56.ssdcloudindia.net
bobcard.skilliq.co
gateway-prod.refactor.academy
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    164.52.210.58 (None, )

ASN- ()
refactor-platform-store.objectstore.e2enetworks.net
3    52.219.64.95 (None, )

ASN- ()
public-upload-prod.s3.ap-south-1.amazonaws.com

This site contains links to these domains. Also see Links.

Domain
www.refactor.academy
Subject Issuer Validity Valid
user-prod.refactor.academy
R3		 2024-04-29 -
2024-07-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.objectstore.e2enetworks.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-08 -
2024-11-07		 a year crt.sh
*.s3.ap-south-1.amazonaws.com
Amazon RSA 2048 M01		 2024-02-01 -
2025-01-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bobcard.skilliq.co/
Frame ID: 2BA3B10AF94AA5D1458A3EC1A7A4C40B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BoB Financial - Bank of Baroda

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

4418 kB
Transfer

18003 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bobcard.skilliq.co/ 		957 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bobcard.skilliq.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
694bef96c4f824136fd7c7b64f40e7736361936020478fb6a3d2477bbdbd62e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
957
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 08:56:20 GMT
etag
W/"3bd-O3zAkbzRkZb9Cu4u/TXZbHSRLpY"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
Express
client
bobcard.skilliq.co/accounts.google.com/gsi/ 		957 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bobcard.skilliq.co/accounts.google.com/gsi/client
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
694bef96c4f824136fd7c7b64f40e7736361936020478fb6a3d2477bbdbd62e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"3bd-O3zAkbzRkZb9Cu4u/TXZbHSRLpY"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
accept-ranges
bytes
content-length
957
main.js
bobcard.skilliq.co/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bobcard.skilliq.co/main.js
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
17de1fa9890fc96608e83311e1d95b5dae48258ae77aa075052cd7fd4111ddfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"1f699-6YYyDqYuZwCgry6IemNZs7tDvRM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
547.js
bobcard.skilliq.co/ 		16 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bobcard.skilliq.co/547.js
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
fc2c749940ba9354f50fc01fde0bff6e244474c5424d4f9cd8ea3d7cc644c127
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"fe8323-JRhXPYS/w+WL6a4gF6awk1lIYPA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
893.js
bobcard.skilliq.co/ 		1 MB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bobcard.skilliq.co/893.js
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
eb6dfc03d81cb452f1c00e5d6e554c88fba68dc8e909dd70b1c59b5557fe4900
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"12a42f-kWjNuEZSap+hsO3wfA2khoUYeiM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
css2
fonts.googleapis.com/ 		2 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
866a27cc6d73e4bae037db68c3d399af04929b6045576edf114625e949fc803a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 08:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 08:56:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 08:56:22 GMT
css2
fonts.googleapis.com/ 		3 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@100;200&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
638519ddecd7f6bce9794cb8e11f32d615122ed6d597f99e467067375961d93c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 08:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 08:56:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 08:56:22 GMT
a7934a51-32b9-4cd6-8dcd-d5503a58c9c3
https://bobcard.skilliq.co/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bobcard.skilliq.co/a7934a51-32b9-4cd6-8dcd-d5503a58c9c3
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a04397089c397cd8db6b7c3ba8b1826ccf54e6dfee8c0e6ba07cc4cc15aeaed

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1655
Content-Type
application/javascript
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bobcard.skilliq.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 22:22:36 GMT
x-content-type-options
nosniff
age
210827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 22:22:36 GMT
client
accounts.google.com/gsi/ 		215 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/547.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b653013433ea6051a258c6b90c62e3139663c488f3d19c245c9e661e0ca7a36a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cyFczBxsRR0ZT38MwtcWmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cyFczBxsRR0ZT38MwtcWmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 29 Apr 2024 08:56:23 GMT
tenant
gateway-prod.refactor.academy/usr-srvc/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway-prod.refactor.academy/usr-srvc/tenant?tenantName=bobcard
Requested by
Host: bobcard.skilliq.co
URL: https://bobcard.skilliq.co/547.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.48.190.56 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
e2e-107-56.ssdcloudindia.net
Software
/ Express
Resource Hash
c14149eb5a52d990365dae841b1276197515a2226d6e8bbdda9f2e8ca614e90f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
2598
0664a4e3-f010-466a-b13b-d3f28e0b6c28_FinalLogo_Favicon.png
refactor-platform-store.objectstore.e2enetworks.net/ 		79 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://refactor-platform-store.objectstore.e2enetworks.net/0664a4e3-f010-466a-b13b-d3f28e0b6c28_FinalLogo_Favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.52.210.58 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 08:56:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 21 Jun 2023 09:17:59 GMT
server
nginx
x-amz-request-id
17CAB46C4A06370A
etag
"2163001bb7953f6e8a413a72d118ff84"
x-amz-meta-testing
1234
vary
Origin, Accept-Encoding
content-type
image/png
accept-ranges
bytes
content-length
966609
x-amz-id-2
243d5cfe1b4d4108197204427906126fafa69667401b5386bd84fe04c2373a49
x-xss-protection
1; mode=block
x-amz-meta-example
5678
bob.png
public-upload-prod.s3.ap-south-1.amazonaws.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-upload-prod.s3.ap-south-1.amazonaws.com/bob.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASOFNEDDAQJ7HXA5N%2F20240429%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240429T084618Z&X-Amz-Expires=900&X-Amz-Signature=f0e1294a60aaa27aa5014bb6cd1b3cf2a2c0240de9d9e1dd5b5fb238b3065a57&X-Amz-SignedHeaders=host
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.64.95 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35850ac253e2a938751a95a58cc1c417762165d78b75fb01518e67fd635df551

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 29 Apr 2024 08:56:25 GMT
Last-Modified
Mon, 29 Apr 2024 08:46:25 GMT
Server
AmazonS3
x-amz-request-id
629GYHJ62K0C8VBN
ETag
"03295429ff8a8851f183e152edc30ef6"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
21508
x-amz-id-2
FJblVMJsUpNp6qkDUKLSj+NTr1pv7mo/x+r4BDItJlXKFBzafFv56juB3kdXbm31urQfAeNfSmk=
Bobloginbackground.png
public-upload-prod.s3.ap-south-1.amazonaws.com/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-upload-prod.s3.ap-south-1.amazonaws.com/Bobloginbackground.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASOFNEDDAQJ7HXA5N%2F20240429%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240429T084718Z&X-Amz-Expires=900&X-Amz-Signature=3e15238f9a55c60c2d364f76090ea9909c00edfd41d71aece1767195a511fae9&X-Amz-SignedHeaders=host
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.64.95 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48f6ab75783ee5b6530581660da6bb90dd4ba8613d529851c00c6948a3859d16

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 29 Apr 2024 08:56:25 GMT
Last-Modified
Mon, 29 Apr 2024 08:47:19 GMT
Server
AmazonS3
x-amz-request-id
629GP7QDRWXBJRZ4
ETag
"054e8f755b9ccae454135e78772af5d1"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
41294
x-amz-id-2
HSYMKn5sQnVzyjkMZDbfjEi3Th/RH6WQtfzN10fo2Qr+8eHsPHVU91nkjBsVzw1T+TDz4YrWzMM=
bob_favicon.webp
public-upload-prod.s3.ap-south-1.amazonaws.com/ 		932 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://public-upload-prod.s3.ap-south-1.amazonaws.com/bob_favicon.webp?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASOFNEDDAQJ7HXA5N%2F20240429%2Fap-south-1%2Fs3%2Faws4_request&X-Amz-Date=20240429T084631Z&X-Amz-Expires=900&X-Amz-Signature=4c7e2ca9e6d10ab7d116d6c34bc550ee9148e5199561eca10cb63874ee004d42&X-Amz-SignedHeaders=host
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.64.95 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a7e9439fbab1db8e211dd7f98f8b5e174a89e5a240b7d86b44de20a167d2675

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bobcard.skilliq.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 29 Apr 2024 08:56:25 GMT
Last-Modified
Mon, 29 Apr 2024 08:46:32 GMT
Server
AmazonS3
x-amz-request-id
629VC70B4DF2CQ5Q
ETag
"c58b510450ac28d43a5cf4eb948263d2"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
932
x-amz-id-2
mP7GWM+Tcpq0l1IbIIDwAEYcXu4QXdh5uNz48l2SdeUglK058R0BhuXvd3Z+MUmklUrE3VOgfg0=

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackHotUpdateassessment_platform object| webpackChunkassessment_platform object| AWS object| pdfjsLib object| default_gsi object| _F_toggles object| google object| closure_lm_463431

2 Cookies

Domain/Path Name / Value
bobcard.skilliq.co/ Name: login-bg-URL
Value: https://public-upload-prod.s3.ap-south-1.amazonaws.com/Bobloginbackground.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASOFNEDDAQJ7HXA5N%252F20240429%252Fap-south-1%252Fs3%252Faws4_request&X-Amz-Date=20240429T084718Z&X-Amz-Expires=900&X-Amz-Signature=3e15238f9a55c60c2d364f76090ea9909c00edfd41d71aece1767195a511fae9&X-Amz-SignedHeaders=host
bobcard.skilliq.co/ Name: tenant-logo
Value: https://public-upload-prod.s3.ap-south-1.amazonaws.com/bob.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASOFNEDDAQJ7HXA5N%252F20240429%252Fap-south-1%252Fs3%252Faws4_request&X-Amz-Date=20240429T084618Z&X-Amz-Expires=900&X-Amz-Signature=f0e1294a60aaa27aa5014bb6cd1b3cf2a2c0240de9d9e1dd5b5fb238b3065a57&X-Amz-SignedHeaders=host

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains