production.billquickonline.com Open in urlscan Pro
2606:4700::6812:168c  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response production.billquickonline.com/	38 KB 9 KB	656ms 519ms	Document text/html	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e66f605717ce60ee8a8a546c95db8ab644c6b059b3a320ec9930391c0e2abff0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private,no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 75109d8fbc79bbeb-FRA content-encoding gzip content-type text/html; charset=utf-8 date Tue, 27 Sep 2022 01:55:09 GMT expires 0 pragma no-cache server cloudflare
GET H2	200	style.css production.billquickonline.com/Theme/css/	89 KB 16 KB	818ms 807ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/style.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4433e96055a27c86d512ce3f7f1ee28d99189adf0da3015c200807fc4f5cc188 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 05 Feb 2018 02:03:29 GMT server cloudflare etag W/"63c62884259ed31:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932801bbeb-FRA expires 0
GET H2	200	blue.css production.billquickonline.com/Theme/css/colors/	2 KB 675 B	453ms 441ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/colors/blue.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2f591ae9d8b9df0dadd5517da5c178c33e83ea257cb8861a481b12faca1aa4a Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 18 Jul 2013 11:00:54 GMT server cloudflare etag W/"0b79612a683ce1:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932803bbeb-FRA expires 0
GET H2	200	WSblue.css production.billquickonline.com/Theme/css/	40 KB 8 KB	617ms 605ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/WSblue.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c35756bc37c48c69f202204a42e2ec6c88dd2e1113802adc77703ead80f9a624 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 25 Feb 2016 20:06:20 GMT server cloudflare etag W/"0610fe770d11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932805bbeb-FRA expires 0
GET H2	200	bqoHost.css production.billquickonline.com/Theme/css/	6 KB 2 KB	452ms 442ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/bqoHost.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 469d07a8d88bb3dc3dfad90ada8fa8c3ad8554e626e1e543d9358d248dcbdfc9 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 15 Mar 2016 23:59:14 GMT server cloudflare etag W/"07510ad167fd11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932806bbeb-FRA expires 0
GET H2	200	jquery-ui-1.11.2.css production.billquickonline.com/css/redmond/	38 KB 9 KB	646ms 636ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/css/redmond/jquery-ui-1.11.2.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc24fe228f0d7612788ad5d01b39b8ec8908da1140bfba72eb45f3c16a175b13 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 10 Feb 2016 19:08:26 GMT server cloudflare etag W/"071336b3664d11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932807bbeb-FRA expires 0
GET H2	200	jquery-2.1.1.min.js Show response production.billquickonline.com/_js/	82 KB 29 KB	832ms 823ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery-2.1.1.min.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 02 Feb 2017 22:50:18 GMT server cloudflare etag W/"0f1a7b9a67dd21:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d932809bbeb-FRA expires 0
GET H2	200	jquery-ui-1.11.2.min.js Show response production.billquickonline.com/_js/	234 KB 63 KB	839ms 831ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery-ui-1.11.2.min.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b99cb3f5a0978988ae8d179c872a10ef306036cf74189a0cd6f7821e26b1df3c Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 02 Feb 2017 22:50:18 GMT server cloudflare etag W/"0f1a7b9a67dd21:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d93280abbeb-FRA expires 0
GET H2	200	jquery.selectnav.js Show response production.billquickonline.com/_js/	3 KB 1 KB	444ms 437ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery.selectnav.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9addc48afe73ac6f73d51352d7696e39cd8cc158ed333f46f61e1e2dc23473d Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 17 Jul 2013 21:30:56 GMT server cloudflare etag W/"068eceb3483ce1:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d93280bbbeb-FRA expires 0
GET H2	200	jquery.layerslider-transitions.js Show response production.billquickonline.com/_js/	21 KB 3 KB	528ms 522ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery.layerslider-transitions.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48f100d494876a84a30575260c6e487040abc633cdaa40f7c377185f6c34852b Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 02 Feb 2017 22:50:18 GMT server cloudflare etag W/"0f1a7b9a67dd21:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d93280cbbeb-FRA expires 0
GET H2	200	jquery.layerslider.min.js Show response production.billquickonline.com/_js/	48 KB 17 KB	715ms 709ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery.layerslider.min.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a35e50278a8e7f60c08b8b31cf6211ee04e5892671ec9b64192469ac66481ee Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 02 Feb 2017 22:50:18 GMT server cloudflare etag W/"0f1a7b9a67dd21:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d93381dbbeb-FRA expires 0
GET H2	200	custom.js Show response production.billquickonline.com/_js/	19 KB 6 KB	547ms 543ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/custom.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4af83a1891f34c09be39ea63a87a497890c376422a68ff0dae755bc62bce311 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 31 Mar 2015 19:58:16 GMT server cloudflare etag W/"03cd86ed6bd01:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d933820bbeb-FRA expires 0
GET H2	200	skin.css production.billquickonline.com/css/vista-messagebar/	1 KB 722 B	436ms 432ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/css/vista-messagebar/skin.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c949e2af960ca478302b8d317bc925dde899218e4dc725c33c0178dc42c00538 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 10 Feb 2016 19:08:40 GMT server cloudflare etag W/"0ac8b733664d11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d932808bbeb-FRA expires 0
GET H2	200	jquery.messagebar.js Show response production.billquickonline.com/_js/	2 KB 928 B	438ms 434ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/_js/jquery.messagebar.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a567065c5b81f9ee249372b8ebed6725e006e766e7be28c13bddf9ce82e6577 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 02 Feb 2017 22:50:18 GMT server cloudflare etag W/"0f1a7b9a67dd21:0" vary Accept-Encoding content-type application/javascript cache-control no-cache, no-store, must-revalidate cf-ray 75109d933821bbeb-FRA expires 0
GET H2	200	WebResource.axd Show response production.billquickonline.com/	23 KB 5 KB	124ms 124ms	Script application/x-javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/WebResource.axd?d=avl4-ZGHxdRMh6J-fvV7WC-z0EsJMsdzVoViPX6_vUxWRibBnzxvuMxUxpFTSR-nJ5DlojMoLJCrWqUBA25hjWimQV72Fy3j7TLdoJ0c8vM1&t=637814372020000000 Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 26 Feb 2022 09:53:22 GMT server cloudflare content-type application/x-javascript cache-control public,no-cache, no-store, must-revalidate cf-ray 75109d93886abbeb-FRA expires Tue, 26 Sep 2023 16:29:27 GMT,0
GET H2	200	WebResource.axd Show response production.billquickonline.com/	3 KB 876 B	407ms 407ms	Script application/x-javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/WebResource.axd?d=sCAU14_PkdWVfROo1FBvZlEzwJ5jcemBCY3-BwrDtQhorowtBBn2rl-qWmPAvTqGmwScRDNZbiWlEQFbL1z9X2_lCvgtgzaaXkM_75rjnWw1&t=637814372020000000 Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 26 Feb 2022 09:53:22 GMT server cloudflare content-type application/x-javascript cache-control public,no-cache, no-store, must-revalidate cf-ray 75109d93886bbbeb-FRA expires Tue, 26 Sep 2023 16:29:27 GMT,0
GET H2	200	BQOnlineLogo.png production.billquickonline.com/images/host/	13 KB 13 KB	133ms 133ms	Image image/png	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://production.billquickonline.com/images/host/BQOnlineLogo.png Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd2533a00e597523927af249ee8904bf70b3d4ea0d5ded4d674f7ae70739faf7 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT cf-cache-status MISS last-modified Wed, 06 May 2020 06:13:43 GMT server cloudflare etag "27645a7e6d23d61:0" vary Accept-Encoding content-type image/png cache-control no-cache, no-store, must-revalidate accept-ranges bytes cf-ray 75109d9ba8e6bbeb-FRA content-length 13538 expires 0
GET H2	200	Progress.gif production.billquickonline.com/Images/	3 KB 3 KB	420ms 419ms	Image image/gif	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://production.billquickonline.com/Images/Progress.gif Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b1545dfb76db807b08a0793ce46a9923522182d2a4eefb522a216a29a18830e Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT cf-cache-status MISS last-modified Tue, 27 Jan 2009 08:53:32 GMT server cloudflare etag "04e8bb5c80c91:0" vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate accept-ranges bytes cf-ray 75109d9bf940bbeb-FRA content-length 3111 expires 0
GET H2	200	email-decode.min.js Show response production.billquickonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 830 B	24ms 23ms	Script application/javascript	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 01:55:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 26 Sep 2022 11:11:52 GMT server cloudflare x-frame-options DENY etag W/"633188f8-4d7" vary Accept-Encoding content-type application/javascript cache-control max-age=172800, public cf-ray 75109d9b78c7bbeb-FRA expires Thu, 29 Sep 2022 01:55:11 GMT
GET H2	200	base.css production.billquickonline.com/Theme/css/	7 KB 2 KB	424ms 421ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/base.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/Theme/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ba98a0316214ff39ad8b44dceb6424bf8ed93455e2a7219f58bae1798f06c86 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/Theme/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 30 Apr 2020 05:30:12 GMT server cloudflare etag W/"42a3776bb01ed61:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d983d6cbbeb-FRA expires 0
GET H2	200	responsive.css production.billquickonline.com/Theme/css/	14 KB 2 KB	521ms 518ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/responsive.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/Theme/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ace5c5ffd40ccede0f34ae6b578c3277ab77538b8c81fdef7a8837a093b9f1c Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/Theme/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 17 Mar 2016 18:55:06 GMT server cloudflare etag W/"0213c857e80d11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d983d70bbeb-FRA expires 0
GET H2	200	icons.css production.billquickonline.com/Theme/css/	32 KB 5 KB	128ms 125ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/icons.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/Theme/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cb7de876feb9bf159cd341db1fb6f4fb3d211bcad3663f94a61f1b575e1af4c Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/Theme/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:10 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 25 Feb 2016 20:06:20 GMT server cloudflare etag W/"0610fe770d11:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d983d71bbeb-FRA expires 0
GET H2	200	font-awesome.css production.billquickonline.com/Theme/css/	37 KB 7 KB	605ms 604ms	Stylesheet text/css	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/Theme/css/font-awesome.css Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/Theme/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/Theme/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 23 May 2017 23:43:52 GMT server cloudflare etag W/"0ecc96e1ed4d21:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store, must-revalidate cf-ray 75109d983d72bbeb-FRA expires 0
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	156ms 61ms	Stylesheet text/css	2a00:1450:400d:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/Theme/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 27 Sep 2022 01:03:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 27 Sep 2022 01:55:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Sep 2022 01:55:10 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	132ms 37ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://production.billquickonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:55 GMT x-content-type-options nosniff age 25456 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:55 GMT
GET H2	200	index.html Show response classic.bqe.com/bqopromo/	3 KB 2 KB	929ms 184ms	XHR text/html	47.180.200.202 FRONTIER-FRTR
General Check archive.org Show headers Download Go to Full URL https://classic.bqe.com/bqopromo/index.html?_=1664243711359 Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/_js/jquery-2.1.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.180.200.202 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US), Reverse DNS static-47-180-200-202.lsan.ca.frontiernet.net Software BQE Server / Resource Hash 49a2452c59c9bc1933230e25502fb2184bae54064a2abdc9f1965e9613234b30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://production.billquickonline.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip etag "8edc468b95a8d81:0" x-permitted-cross-domain-policies none content-length 1621 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin last-modified Fri, 05 Aug 2022 06:35:24 GMT server BQE Server x-frame-options SAMEORIGIN date Tue, 27 Sep 2022 01:55:12 GMT vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type text/html access-control-allow-origin https://production.billquickonline.com cache-control max-age=86400,no-cache, no-store, must-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough x-content-type-options nosniff expires -1
POST H2	200	CheckLoginMessage Show response production.billquickonline.com/checkEmailExists.aspx/	8 B 135 B	124ms 124ms	XHR application/json	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/checkEmailExists.aspx/CheckLoginMessage Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/_js/jquery-2.1.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff2445bdef616e3f4e82423389acd378c7e947ab4439a004e11f804aaf25338d Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://production.billquickonline.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT cf-cache-status DYNAMIC server cloudflare content-type application/json; charset=utf-8 cache-control private, max-age=0,no-cache, no-store, must-revalidate cf-ray 75109d9c89e7bbeb-FRA content-length 8 expires 0
GET H2	200	checkDBStatus.aspx Show response production.billquickonline.com/	6 B 166 B	125ms 124ms	XHR text/html	2606:4700::6812:168c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://production.billquickonline.com/checkDBStatus.aspx?sid=0.23802193302944197&sessionVar=DBCreation Requested by Host: production.billquickonline.com URL: https://production.billquickonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:168c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84fd36f7cbff12b9a0482c8f3ee782fbc60a87e2f08913509f71d71726f81cc1 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 27 Sep 2022 01:55:11 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare content-type text/html; charset=utf-8 cache-control private,no-cache, no-store, must-revalidate cf-ray 75109d9f4c71bbeb-FRA expires Tue, 27 Sep 2022 01:54:11 GMT,0
GET H2	200	css fonts.googleapis.com/	11 KB 870 B	64ms 60ms	Stylesheet text/css	2a00:1450:400d:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 27 Sep 2022 01:02:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 27 Sep 2022 01:55:12 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Sep 2022 01:55:12 GMT
GET H2	200	epayments.svg sb.bqe.com/corepromo/images/	90 KB 37 KB	873ms 177ms	Image image/svg+xml	47.180.200.210 FRONTIER-FRTR
General Check archive.org Show headers Download Go to Show image Full URL https://sb.bqe.com/corepromo/images/epayments.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US), Reverse DNS static-47-180-200-210.lsan.ca.frontiernet.net Software BQE Server / Resource Hash e8e928c43ebba8f128fd17d107d421fa5d016d0dbe7d6a6329df0d14f5e766cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 36924 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin last-modified Wed, 06 Jul 2022 02:46:39 GMT server BQE Server x-frame-options SAMEORIGIN date Tue, 27 Sep 2022 01:55:14 GMT vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type image/svg+xml cache-control max-age=86400,no-cache, no-store, must-revalidate access-control-allow-credentials true etag "8011b09de290d81:0" accept-ranges bytes access-control-allow-headers Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough expires -1
GET H2	200	60percent.svg sb.bqe.com/corepromo/images/	6 KB 2 KB	1050ms 354ms	Image image/svg+xml	47.180.200.210 FRONTIER-FRTR
General Check archive.org Show headers Download Go to Show image Full URL https://sb.bqe.com/corepromo/images/60percent.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US), Reverse DNS static-47-180-200-210.lsan.ca.frontiernet.net Software BQE Server / Resource Hash abb6a1e3576d75cca91eb7db74b6bff2c4771d25bd9a920af280025e750897f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 2357 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin last-modified Wed, 06 Jul 2022 09:01:29 GMT server BQE Server x-frame-options SAMEORIGIN date Tue, 27 Sep 2022 01:55:14 GMT vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type image/svg+xml cache-control max-age=86400,no-cache, no-store, must-revalidate access-control-allow-credentials true etag "80bac5fa1691d81:0" accept-ranges bytes access-control-allow-headers Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough expires -1
GET H2	200	gear-icon.svg sb.bqe.com/corepromo/images/	5 KB 2 KB	1049ms 353ms	Image image/svg+xml	47.180.200.210 FRONTIER-FRTR
General Check archive.org Show headers Download Go to Show image Full URL https://sb.bqe.com/corepromo/images/gear-icon.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US), Reverse DNS static-47-180-200-210.lsan.ca.frontiernet.net Software BQE Server / Resource Hash a4f9e455f1d140dc735ae4c26c0dff0896e7e3f93aa5e4a793d8711545127124 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://production.billquickonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 2171 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin last-modified Wed, 06 Jul 2022 09:02:57 GMT server BQE Server x-frame-options SAMEORIGIN date Tue, 27 Sep 2022 01:55:14 GMT vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type image/svg+xml cache-control max-age=86400,no-cache, no-store, must-revalidate access-control-allow-credentials true etag "8076392f1791d81:0" accept-ranges bytes access-control-allow-headers Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough expires -1
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	110ms 38ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://production.billquickonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:55 GMT x-content-type-options nosniff age 25457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:55 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	113ms 42ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://production.billquickonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:55 GMT x-content-type-options nosniff age 25457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:55 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	124ms 55ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://production.billquickonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:55 GMT x-content-type-options nosniff age 25457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:55 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	134ms 69ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://production.billquickonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:55 GMT x-content-type-options nosniff age 25457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:55 GMT

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| selectnav object| layerSliderTransitions function| lsShowNotice function| lsPrefixes function| uaMatch function| showPromoOnPage function| ShowMessageDialog function| CloseMe function| onkey function| SetFocus number| ID object| xmlHttp function| checkDBCreation function| checkDBStatus function| checkDBStatus_Session function| processReqChange function| PostBackOnMainThread function| GetXmlHttpObject function| getQuerystring function| URLDecode function| ToggleVisibility object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| resizesidebar object| closeButton object| $trigger

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			production.billquickonline.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uy21o3mczmvqmvl3lozwcxn4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

classic.bqe.com
fonts.googleapis.com
fonts.gstatic.com
production.billquickonline.com
sb.bqe.com
2606:4700::6812:168c
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200a
47.180.200.202
47.180.200.210
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a567065c5b81f9ee249372b8ebed6725e006e766e7be28c13bddf9ce82e6577
2ba98a0316214ff39ad8b44dceb6424bf8ed93455e2a7219f58bae1798f06c86
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a35e50278a8e7f60c08b8b31cf6211ee04e5892671ec9b64192469ac66481ee
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4433e96055a27c86d512ce3f7f1ee28d99189adf0da3015c200807fc4f5cc188
469d07a8d88bb3dc3dfad90ada8fa8c3ad8554e626e1e543d9358d248dcbdfc9
48f100d494876a84a30575260c6e487040abc633cdaa40f7c377185f6c34852b
49a2452c59c9bc1933230e25502fb2184bae54064a2abdc9f1965e9613234b30
4b1545dfb76db807b08a0793ce46a9923522182d2a4eefb522a216a29a18830e
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
84fd36f7cbff12b9a0482c8f3ee782fbc60a87e2f08913509f71d71726f81cc1
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ace5c5ffd40ccede0f34ae6b578c3277ab77538b8c81fdef7a8837a093b9f1c
8cb7de876feb9bf159cd341db1fb6f4fb3d211bcad3663f94a61f1b575e1af4c
a4af83a1891f34c09be39ea63a87a497890c376422a68ff0dae755bc62bce311
a4f9e455f1d140dc735ae4c26c0dff0896e7e3f93aa5e4a793d8711545127124
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
abb6a1e3576d75cca91eb7db74b6bff2c4771d25bd9a920af280025e750897f5
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b2f591ae9d8b9df0dadd5517da5c178c33e83ea257cb8861a481b12faca1aa4a
b99cb3f5a0978988ae8d179c872a10ef306036cf74189a0cd6f7821e26b1df3c
c35756bc37c48c69f202204a42e2ec6c88dd2e1113802adc77703ead80f9a624
c949e2af960ca478302b8d317bc925dde899218e4dc725c33c0178dc42c00538
cc24fe228f0d7612788ad5d01b39b8ec8908da1140bfba72eb45f3c16a175b13
e66f605717ce60ee8a8a546c95db8ab644c6b059b3a320ec9930391c0e2abff0
e8e928c43ebba8f128fd17d107d421fa5d016d0dbe7d6a6329df0d14f5e766cf
e9addc48afe73ac6f73d51352d7696e39cd8cc158ed333f46f61e1e2dc23473d
fd2533a00e597523927af249ee8904bf70b3d4ea0d5ded4d674f7ae70739faf7
ff2445bdef616e3f4e82423389acd378c7e947ab4439a004e11f804aaf25338d