urlscan.io logo urlscan.io
SecurityTrails logo

customer.biziq.com Open in urlscan Pro
72.44.231.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://customer.gowildfire.com/
Effective URL: https://customer.biziq.com/login.php
Submission: On October 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 72.44.231.38, located in Newport Beach, United States and belongs to IMDC-AS12025, US. The main domain is customer.biziq.com.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.
This is the only time customer.biziq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18 72.44.231.38 12025 (IMDC-AS12025)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
25 7
18    72.44.231.38 (Newport Beach, United States)

ASN12025 (IMDC-AS12025, US)
PTR: iophx-srv00.ebiziq.com
customer.gowildfire.com
customer.biziq.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3035::6815:1f72 (United States)

ASN13335 (CLOUDFLARENET, US)
biziq.com
Domain Requested by
9 customer.biziq.com 2 redirects customer.biziq.com
9 customer.gowildfire.com 1 redirects customer.gowildfire.com
3 stackpath.bootstrapcdn.com customer.gowildfire.com
customer.biziq.com
2 fonts.googleapis.com customer.gowildfire.com
customer.biziq.com
2 cdnjs.cloudflare.com customer.gowildfire.com
customer.biziq.com
1 biziq.com customer.biziq.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com customer.gowildfire.com
25 8

This site contains no links.

Subject Issuer Validity Valid
customer.gowildfire.com
R3		 2021-10-07 -
2022-01-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
customer.biziq.com
R3		 2021-08-18 -
2021-11-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://customer.biziq.com/login.php
Frame ID: 757DB229B0AE203CFECDAF2ECA0FE58E
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Biz IQ :: Marketing Portal

Page URL History Show full URLs

  1. https://customer.gowildfire.com/ HTTP 302
    https://customer.gowildfire.com/login.php Page URL
  2. https://customer.biziq.com/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

930 kB
Transfer

1297 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://customer.gowildfire.com/ HTTP 302
    https://customer.gowildfire.com/login.php Page URL
  2. https://customer.biziq.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://customer.gowildfire.com/ HTTP 302
  • https://customer.gowildfire.com/login.php
Request Chain 22
  • https://customer.biziq.com/inc/images/mosaic-pattern.png HTTP 302
  • https://customer.biziq.com/login.php
Request Chain 23
  • https://customer.biziq.com/inc/images/pattern1.png HTTP 302
  • https://customer.biziq.com/login.php

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.php
customer.gowildfire.com/
Redirect Chain
  • https://customer.gowildfire.com/
  • https://customer.gowildfire.com/login.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 / PHP/5.6.37
Resource Hash
573a9e109273a08383e8719938e6db4d4b3aad6c41b67a2f558415262d94dcb9

Request headers

Host
customer.gowildfire.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.14.0
Date
Thu, 07 Oct 2021 06:06:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.37
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0
Date
Thu, 07 Oct 2021 06:06:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.37
Set-Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3; path=/ flashdisplayed=true; expires=Thu, 07-Oct-2021 06:06:31 GMT; Max-Age=0; path=/; domain=gowildfire.com
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
location
https://customer.gowildfire.com/login.php
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1840499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6458
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2FP7sjEBmQv9ZaOMrlPilNHm1kY7fPEd8AfrFr0XFRWurItmh%2BY6UkGMro7xfKIrjFBTKwFnC6rLRmhghB1quf4p724KFD%2FkD0TXY66623potO4nHY4t3QMA7ywZ0Y0OXWkLY9kamDn7JlDQy1TjVPH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69a4f1b3cb085cb6-FRA
expires
Tue, 27 Sep 2022 06:06:33 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 718, 718
age
3025967
cdn-cachedat
2021-06-08 18:02:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
538bdfb899684d7cb1e97d37cdcf6f4f
cf-ray
69a4f1b3cf1068fd-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:33 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1633586793.dop158.fr8.t,1633586793.cds241.fr8.hn,1633586793.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
bootstrap.css
customer.gowildfire.com/bootstrap/css/ 		123 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/bootstrap/css/bootstrap.css
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
6964324b03c111f7955b6fdd85ecd9aeb10b960058d31f2bd1c4320da9e363f1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Wed, 05 Jun 2013 23:13:34 GMT
Server
nginx/1.14.0
ETag
"51afc61e-1eb0a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125706
responsive.css
customer.gowildfire.com/bootstrap/css/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/bootstrap/css/responsive.css
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
49d71c2cc6f28d80fd3a0b6db968375ca9b4f92a2e8705b486ab498d44742972

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Wed, 05 Jun 2013 23:13:35 GMT
Server
nginx/1.14.0
ETag
"51afc61f-55b4"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21940
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 		137 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://customer.gowildfire.com/
Origin
https://customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
723, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-07-24 16:52:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ac848df9f92a97fe0d5cfe9ed402eb33
cf-ray
69a4f1b3caf94e20-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
glyphicons.css
customer.gowildfire.com/theme/css/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/theme/css/glyphicons.css
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
95036ae5f2d2c8b38ee29f19dfeb8ca4466d89d4ba147f273f4e070018fdb459

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Tue, 02 Jul 2013 14:25:08 GMT
Server
nginx/1.14.0
ETag
"51d2e2c4-5ce4"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23780
uniform.default.css
customer.gowildfire.com/theme/scripts/plugins/forms/pixelmatrix-uniform/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/theme/scripts/plugins/forms/pixelmatrix-uniform/css/uniform.default.css
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
37c3e57993ef994780508bbee544f1217429091b53991cdb473ba7978944e064

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Thu, 06 Jun 2013 02:01:04 GMT
Server
nginx/1.14.0
ETag
"51afed60-298b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10635
style-dark.min.css
customer.gowildfire.com/theme/css/ 		117 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/theme/css/style-dark.min.css?1366721342
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
ab525f884fac20b241ec3a670fe6d921c9d40ed5cf9dbdab857eff19e54f7226

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Thu, 21 Sep 2017 22:42:51 GMT
Server
nginx/1.14.0
ETag
"59c4406b-1d37b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119675
less.min.js
customer.gowildfire.com/theme/scripts/plugins/system/ 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.gowildfire.com/theme/scripts/plugins/system/less.min.js
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
7bb9e794c59412e657a262b42eea7eb4193e864d339ba15acc8fa62172cfdae1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://customer.gowildfire.com/login.php
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:33 GMT
Last-Modified
Thu, 06 Jun 2013 02:24:19 GMT
Server
nginx/1.14.0
ETag
"51aff2d3-e349"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58185
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800,700,600&subset=latin,latin-ext
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/theme/css/style-dark.min.css?1366721342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:32:36 GMT
server
ESF
date
Thu, 07 Oct 2021 06:06:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 06:06:34 GMT
mosaic-pattern.png
customer.gowildfire.com/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer.gowildfire.com/theme/images/mosaic-pattern.png
Requested by
Host: customer.gowildfire.com
URL: https://customer.gowildfire.com/theme/css/style-dark.min.css?1366721342
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://customer.gowildfire.com/theme/css/style-dark.min.css?1366721342
Cookie
PHPSESSID=aj1257lkqqoq2evmuqj48ej3o3
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/theme/css/style-dark.min.css?1366721342
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:34 GMT
Last-Modified
Thu, 06 Jun 2013 01:52:10 GMT
Server
nginx/1.14.0
ETag
"51afeb4a-6b6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1718
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800,700,600&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://customer.gowildfire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
565362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:03:52 GMT
Primary Request login.php
customer.biziq.com/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customer.biziq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 / PHP/5.6.37
Resource Hash
29bb0782187cd67220a83d3ac865f5b78964fbef2b3fef1c8ab3bbe3303546de

Request headers

Host
customer.biziq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://customer.gowildfire.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.gowildfire.com/

Response headers

Server
nginx/1.14.0
Date
Thu, 07 Oct 2021 06:06:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.37
Content-Encoding
gzip
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1840501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6458
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtgWBDjH%2Bn%2FZenGW9yaVuisFHJ2E%2BHRREMh6aAaDL0qWn4X3OF85kVugRyJeg8pqyPGotuZ54%2Bkzr6fBlnM5vwEUl4984fs1ahsiujYvUkdQ7MSjVObQFLMTMIzHMhZgWhvpz2lbsf7tx7oXzVO9VTvY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69a4f1bd4cd75cb6-FRA
expires
Tue, 27 Sep 2022 06:06:35 GMT
jquery-3.3.1.min.js
customer.biziq.com/inc/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customer.biziq.com/inc/js/jquery-3.3.1.min.js?c=20211006
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://customer.biziq.com/login.php
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:35 GMT
Last-Modified
Tue, 09 Jul 2019 01:13:43 GMT
Server
nginx/1.14.0
ETag
"5d23ea47-1538f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86927
bootstrap.css
customer.biziq.com/inc/css/ 		178 KB
178 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.biziq.com/inc/css/bootstrap.css?c=20211006
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
23e66ee9186cc5116cd5529d4d59381eae41b5d1baa906828e3ee8793601cd9f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.biziq.com/login.php
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:35 GMT
Last-Modified
Fri, 21 May 2021 13:41:07 GMT
Server
nginx/1.14.0
ETag
"60a7b873-2c61c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
181788
bootstrap-responsive.css
customer.biziq.com/inc/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.biziq.com/inc/css/bootstrap-responsive.css?c=20211006
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
0bc38f7247957399948c0e5bd89f54abbb7b6d7da0dbc5160c9eba60e3ee147e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.biziq.com/login.php
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:35 GMT
Last-Modified
Tue, 09 Jul 2019 01:12:35 GMT
Server
nginx/1.14.0
ETag
"5d23ea03-5653"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22099
style-light.min.css
customer.biziq.com/inc/theme/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 /
Resource Hash
179f4003ad08026170e9a8c75f2f07d049e2cb5f0cc4ab5650d555c86919be5b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://customer.biziq.com/login.php
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:35 GMT
Last-Modified
Thu, 13 May 2021 18:17:34 GMT
Server
nginx/1.14.0
ETag
"609d6d3e-1d930"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121136
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 		137 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://customer.biziq.com/
Origin
https://customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
723, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-07-24 16:52:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
19fafb6921a2fa218b5ff2620485da23
cf-ray
69a4f1bd492e4e20-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
mobile-logo.png
biziq.com/wp-content/uploads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biziq.com/wp-content/uploads/mobile-logo.png
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1f72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48dd45e2756ae2647d413c729e5b63e59423453b955e76b0b0802701f7234c36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:06:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2322
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jan 2020 18:42:47 GMT
server
cloudflare
etag
"912-59cbee416058e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unHqIryIU1Mi%2FdmGGF53iFOsOUzBUTNMBpKb302KIeETNZ7bssS2masaPZL%2F2VHJqKnW79sCfCxsrNac4TCJMm0KXV1UkBI2IB1NJR%2FqdXBxIklEbNR88gpvWzmf2yAZK%2F2uu4QqSy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=290304000
accept-ranges
bytes
cf-ray
69a4f1c108c468f2-FRA
expires
Fri, 07 Oct 2022 06:06:35 GMT
css
fonts.googleapis.com/ 		10 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800,700,600&subset=latin,latin-ext
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 04:39:23 GMT
server
ESF
date
Thu, 07 Oct 2021 06:06:35 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 06:06:35 GMT
login.php
customer.biziq.com/
Redirect Chain
  • https://customer.biziq.com/inc/images/mosaic-pattern.png
  • https://customer.biziq.com/login.php
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer.biziq.com/login.php
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 / PHP/5.6.37
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Cookie
PHPSESSID=udjntpl5jjupmv9sgll950r1m6
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:36 GMT
Content-Encoding
gzip
Server
nginx/1.14.0
Connection
keep-alive
X-Powered-By
PHP/5.6.37
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
Date
Thu, 07 Oct 2021 06:06:36 GMT
Server
nginx/1.14.0
X-Powered-By
PHP/5.6.37
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
location
/login.php
Set-Cookie
PHPSESSID=udjntpl5jjupmv9sgll950r1m6; expires=Thu, 07-Oct-2021 16:06:36 GMT; Max-Age=36000; path=/ request_page=%2Finc%2Fimages%2Fmosaic-pattern.png; expires=Thu, 07-Oct-2021 07:06:36 GMT; Max-Age=3600
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
login.php
customer.biziq.com/
Redirect Chain
  • https://customer.biziq.com/inc/images/pattern1.png
  • https://customer.biziq.com/login.php
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer.biziq.com/login.php
Requested by
Host: customer.biziq.com
URL: https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.231.38 Newport Beach, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
iophx-srv00.ebiziq.com
Software
nginx/1.14.0 / PHP/5.6.37
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
customer.biziq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
Cookie
PHPSESSID=50ltpoa1b5pdh97fireo8ghuo0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://customer.biziq.com/inc/theme/style-light.min.css?c=20211006
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:06:36 GMT
Content-Encoding
gzip
Server
nginx/1.14.0
Connection
keep-alive
X-Powered-By
PHP/5.6.37
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
Date
Thu, 07 Oct 2021 06:06:36 GMT
Server
nginx/1.14.0
X-Powered-By
PHP/5.6.37
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
location
/login.php
Set-Cookie
PHPSESSID=50ltpoa1b5pdh97fireo8ghuo0; expires=Thu, 07-Oct-2021 16:06:36 GMT; Max-Age=36000; path=/ request_page=%2Finc%2Fimages%2Fpattern1.png; expires=Thu, 07-Oct-2021 07:06:36 GMT; Max-Age=3600
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| Popper function| $ function| jQuery

3 Cookies

Domain/Path Name / Value
customer.biziq.com/inc/images Name: request_page
Value: %2Finc%2Fimages%2Fmosaic-pattern.png
customer.gowildfire.com/ Name: PHPSESSID
Value: aj1257lkqqoq2evmuqj48ej3o3
customer.biziq.com/ Name: PHPSESSID
Value: udjntpl5jjupmv9sgll950r1m6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biziq.com
cdnjs.cloudflare.com
code.jquery.com
customer.biziq.com
customer.gowildfire.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
2001:4de0:ac18::1:a:2a
2606:4700:3035::6815:1f72
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:827::2003
2a00:1450:4001:830::200a
72.44.231.38
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0bc38f7247957399948c0e5bd89f54abbb7b6d7da0dbc5160c9eba60e3ee147e
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
179f4003ad08026170e9a8c75f2f07d049e2cb5f0cc4ab5650d555c86919be5b
23e66ee9186cc5116cd5529d4d59381eae41b5d1baa906828e3ee8793601cd9f
29bb0782187cd67220a83d3ac865f5b78964fbef2b3fef1c8ab3bbe3303546de
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
37c3e57993ef994780508bbee544f1217429091b53991cdb473ba7978944e064
48dd45e2756ae2647d413c729e5b63e59423453b955e76b0b0802701f7234c36
49d71c2cc6f28d80fd3a0b6db968375ca9b4f92a2e8705b486ab498d44742972
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
573a9e109273a08383e8719938e6db4d4b3aad6c41b67a2f558415262d94dcb9
6964324b03c111f7955b6fdd85ecd9aeb10b960058d31f2bd1c4320da9e363f1
7bb9e794c59412e657a262b42eea7eb4193e864d339ba15acc8fa62172cfdae1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
95036ae5f2d2c8b38ee29f19dfeb8ca4466d89d4ba147f273f4e070018fdb459
ab525f884fac20b241ec3a670fe6d921c9d40ed5cf9dbdab857eff19e54f7226
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855