production-iad.billquickonline.com
2606:4700::6812:178c  Public Scan

URL: https://production-iad.billquickonline.com/
Submission: On October 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 36 HTTP transactions. The main IP is 2606:4700::6812:178c, located in United States and belongs to CLOUDFLARENET, US. The main domain is production-iad.billquickonline.com.
TLS certificate: Issued by R3 on October 1st 2022. Valid for: 3 months.
This is the only time production-iad.billquickonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
25 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
5 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 47.180.200.202 | 5650 (FRONTIER-...)
3 | 47.180.200.210 | 5650 (FRONTIER-...)
Total: 36 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
25 | billquickonline.com | production-iad.billquickonline.com | 205 KB
5 | gstatic.com | fonts.gstatic.com | 220 KB
4 | bqe.com | classic.bqe.com (Cisco Umbrella Rank: 625495); sb.bqe.com (Cisco Umbrella Rank: 652257) | 104 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 41) | 2 KB
Total: 36 requests, 4 apex domains
Domain Requested by
25 production-iad.billquickonline.com production-iad.billquickonline.com
5 fonts.gstatic.com fonts.googleapis.com
3 sb.bqe.com
2 fonts.googleapis.com production-iad.billquickonline.com
client
1 classic.bqe.com production-iad.billquickonline.com
36 5

This site contains links to these domains.

Domain
www.bqe.com
blog.bqe.com
Subject | Issuer | Validity | Valid
production-iad.billquickonline.com | R3 | 2022-10-01 - 2022-12-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.bqe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-02 - 2023-01-02 | a year

This page contains 1 frames:

Primary Page: https://production-iad.billquickonline.com/
Frame ID: A9C5886D4E1A1738043AA1C5D2059B78
Requests: 36 HTTP requests in this frame

Page Title

BillQuick Online::LoginSign-in Promo Screen

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

36 Requests
100 % HTTPS
60 % IPv6
4 Domains
5 Subdomains
5 IPs
2 Countries
531 kB Transfer
1100 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
production-iad.billquickonline.com/
38 KB
9 KB
Document
General
Full URL
https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24275c7e4d365e6c2ce9077fd3bd998097875b395cee69546a5c8df13ed49ad9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75330044baacbb77-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 06:04:28 GMT
expires
0
pragma
no-cache
server
cloudflare
style.css
production-iad.billquickonline.com/Theme/css/
89 KB
16 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/style.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4433e96055a27c86d512ce3f7f1ee28d99189adf0da3015c200807fc4f5cc188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 05 Feb 2018 02:03:29 GMT
server
cloudflare
etag
W/"63c62884259ed31:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
753300480895bb77-FRA
expires
0
blue.css
production-iad.billquickonline.com/Theme/css/colors/
2 KB
675 B
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/colors/blue.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f591ae9d8b9df0dadd5517da5c178c33e83ea257cb8861a481b12faca1aa4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 18 Jul 2013 11:00:54 GMT
server
cloudflare
etag
W/"0b79612a683ce1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
753300481896bb77-FRA
expires
0
WSblue.css
production-iad.billquickonline.com/Theme/css/
40 KB
8 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/WSblue.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35756bc37c48c69f202204a42e2ec6c88dd2e1113802adc77703ead80f9a624

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 25 Feb 2016 20:06:20 GMT
server
cloudflare
etag
W/"0610fe770d11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
75330048189abb77-FRA
expires
0
bqoHost.css
production-iad.billquickonline.com/Theme/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/bqoHost.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469d07a8d88bb3dc3dfad90ada8fa8c3ad8554e626e1e543d9358d248dcbdfc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2016 23:59:14 GMT
server
cloudflare
etag
W/"07510ad167fd11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
75330048189bbb77-FRA
expires
0
jquery-ui-1.11.2.css
production-iad.billquickonline.com/css/redmond/
38 KB
9 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/css/redmond/jquery-ui-1.11.2.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc24fe228f0d7612788ad5d01b39b8ec8908da1140bfba72eb45f3c16a175b13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 10 Feb 2016 19:08:26 GMT
server
cloudflare
etag
W/"071336b3664d11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
75330048189cbb77-FRA
expires
0
jquery-2.1.1.min.js
production-iad.billquickonline.com/_js/
82 KB
29 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery-2.1.1.min.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2017 22:50:18 GMT
server
cloudflare
etag
W/"0f1a7b9a67dd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004818a0bb77-FRA
expires
0
jquery-ui-1.11.2.min.js
production-iad.billquickonline.com/_js/
234 KB
63 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery-ui-1.11.2.min.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99cb3f5a0978988ae8d179c872a10ef306036cf74189a0cd6f7821e26b1df3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2017 22:50:18 GMT
server
cloudflare
etag
W/"0f1a7b9a67dd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004818a1bb77-FRA
expires
0
jquery.selectnav.js
production-iad.billquickonline.com/_js/
3 KB
1 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery.selectnav.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9addc48afe73ac6f73d51352d7696e39cd8cc158ed333f46f61e1e2dc23473d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 17 Jul 2013 21:30:56 GMT
server
cloudflare
etag
W/"068eceb3483ce1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004818a3bb77-FRA
expires
0
jquery.layerslider-transitions.js
production-iad.billquickonline.com/_js/
21 KB
3 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery.layerslider-transitions.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f100d494876a84a30575260c6e487040abc633cdaa40f7c377185f6c34852b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2017 22:50:18 GMT
server
cloudflare
etag
W/"0f1a7b9a67dd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004818a5bb77-FRA
expires
0
jquery.layerslider.min.js
production-iad.billquickonline.com/_js/
48 KB
17 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery.layerslider.min.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a35e50278a8e7f60c08b8b31cf6211ee04e5892671ec9b64192469ac66481ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2017 22:50:18 GMT
server
cloudflare
etag
W/"0f1a7b9a67dd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004828c4bb77-FRA
expires
0
custom.js
production-iad.billquickonline.com/_js/
19 KB
6 KB
Script
General
Full URL
https://production-iad.billquickonline.com/_js/custom.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4af83a1891f34c09be39ea63a87a497890c376422a68ff0dae755bc62bce311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 31 Mar 2015 19:58:16 GMT
server
cloudflare
etag
W/"03cd86ed6bd01:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004828c9bb77-FRA
expires
0
skin.css
production-iad.billquickonline.com/css/vista-messagebar/
1 KB
722 B
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/css/vista-messagebar/skin.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c949e2af960ca478302b8d317bc925dde899218e4dc725c33c0178dc42c00538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 10 Feb 2016 19:08:40 GMT
server
cloudflare
etag
W/"0ac8b733664d11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
75330048189ebb77-FRA
expires
0
jquery.messagebar.js
production-iad.billquickonline.com/_js/
2 KB
911 B
Script
General
Full URL
https://production-iad.billquickonline.com/_js/jquery.messagebar.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a567065c5b81f9ee249372b8ebed6725e006e766e7be28c13bddf9ce82e6577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2017 22:50:18 GMT
server
cloudflare
etag
W/"0f1a7b9a67dd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004828cbbb77-FRA
expires
0
WebResource.axd
production-iad.billquickonline.com/
23 KB
5 KB
Script
General
Full URL
https://production-iad.billquickonline.com/WebResource.axd?d=avl4-ZGHxdRMh6J-fvV7WC-z0EsJMsdzVoViPX6_vUxWRibBnzxvuMxUxpFTSR-nJ5DlojMoLJCrWqUBA25hjWimQV72Fy3j7TLdoJ0c8vM1&t=637814372020000000
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 26 Feb 2022 09:53:22 GMT
server
cloudflare
content-type
application/x-javascript
cache-control
public,no-cache, no-store, must-revalidate
cf-ray
75330048b9a8bb77-FRA
expires
Sat, 30 Sep 2023 07:31:23 GMT,0
WebResource.axd
production-iad.billquickonline.com/
3 KB
841 B
Script
General
Full URL
https://production-iad.billquickonline.com/WebResource.axd?d=sCAU14_PkdWVfROo1FBvZlEzwJ5jcemBCY3-BwrDtQhorowtBBn2rl-qWmPAvTqGmwScRDNZbiWlEQFbL1z9X2_lCvgtgzaaXkM_75rjnWw1&t=637814372020000000
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 26 Feb 2022 09:53:22 GMT
server
cloudflare
content-type
application/x-javascript
cache-control
public,no-cache, no-store, must-revalidate
cf-ray
75330048b9aabb77-FRA
expires
Sat, 30 Sep 2023 07:31:23 GMT,0
BQOnlineLogo.png
production-iad.billquickonline.com/images/host/
13 KB
13 KB
Image
General
Full URL
https://production-iad.billquickonline.com/images/host/BQOnlineLogo.png
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2533a00e597523927af249ee8904bf70b3d4ea0d5ded4d674f7ae70739faf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
cf-cache-status
MISS
last-modified
Wed, 06 May 2020 06:13:43 GMT
server
cloudflare
etag
"27645a7e6d23d61:0"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
753300506f4abb77-FRA
content-length
13538
expires
0
Progress.gif
production-iad.billquickonline.com/Images/
3 KB
3 KB
Image
General
Full URL
https://production-iad.billquickonline.com/Images/Progress.gif
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1545dfb76db807b08a0793ce46a9923522182d2a4eefb522a216a29a18830e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Jan 2009 08:53:32 GMT
server
cloudflare
etag
"04e8bb5c80c91:0"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
753300507f5dbb77-FRA
content-length
3111
expires
0
email-decode.min.js
production-iad.billquickonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
830 B
Script
General
Full URL
https://production-iad.billquickonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 11:11:52 GMT
server
cloudflare
etag
W/"633188f8-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
753300504f1bbb77-FRA
expires
Mon, 03 Oct 2022 06:04:30 GMT
base.css
production-iad.billquickonline.com/Theme/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/base.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/Theme/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba98a0316214ff39ad8b44dceb6424bf8ed93455e2a7219f58bae1798f06c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/Theme/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 30 Apr 2020 05:30:12 GMT
server
cloudflare
etag
W/"42a3776bb01ed61:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004c683bbb77-FRA
expires
0
responsive.css
production-iad.billquickonline.com/Theme/css/
14 KB
2 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/responsive.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/Theme/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ace5c5ffd40ccede0f34ae6b578c3277ab77538b8c81fdef7a8837a093b9f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/Theme/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2016 18:55:06 GMT
server
cloudflare
etag
W/"0213c857e80d11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004c683cbb77-FRA
expires
0
icons.css
production-iad.billquickonline.com/Theme/css/
32 KB
5 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/icons.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/Theme/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb7de876feb9bf159cd341db1fb6f4fb3d211bcad3663f94a61f1b575e1af4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/Theme/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 25 Feb 2016 20:06:20 GMT
server
cloudflare
etag
W/"0610fe770d11:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004c683fbb77-FRA
expires
0
font-awesome.css
production-iad.billquickonline.com/Theme/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://production-iad.billquickonline.com/Theme/css/font-awesome.css
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/Theme/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/Theme/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 23 May 2017 23:43:52 GMT
server
cloudflare
etag
W/"0ecc96e1ed4d21:0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
7533004c6840bb77-FRA
expires
0
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/Theme/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 06:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 04:08:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Oct 2022 06:04:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://production-iad.billquickonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
386036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:50:34 GMT
index.html
classic.bqe.com/bqopromo/
3 KB
2 KB
XHR
General
Full URL
https://classic.bqe.com/bqopromo/index.html?_=1664604270152
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/_js/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.180.200.202 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS
static-47-180-200-202.lsan.ca.frontiernet.net
Software
BQE Server /
Resource Hash
49a2452c59c9bc1933230e25502fb2184bae54064a2abdc9f1965e9613234b30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://production-iad.billquickonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 06:04:30 GMT
x-permitted-cross-domain-policies
none
content-length
1621
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Fri, 05 Aug 2022 06:35:24 GMT
server
BQE Server
etag
"8edc468b95a8d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
https://production-iad.billquickonline.com
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
cache-control
max-age=86400,no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough
expires
-1
CheckLoginMessage
production-iad.billquickonline.com/checkEmailExists.aspx/
8 B
143 B
XHR
General
Full URL
https://production-iad.billquickonline.com/checkEmailExists.aspx/CheckLoginMessage
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/_js/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2445bdef616e3f4e82423389acd378c7e947ab4439a004e11f804aaf25338d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://production-iad.billquickonline.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json; charset=utf-8
cache-control
private, max-age=0,no-cache, no-store, must-revalidate
cf-ray
75330050d80fbb77-FRA
content-length
8
expires
0
checkDBStatus.aspx
production-iad.billquickonline.com/
6 B
165 B
XHR
General
Full URL
https://production-iad.billquickonline.com/checkDBStatus.aspx?sid=0.47818121437607686&sessionVar=DBCreation
Requested by
Host: production-iad.billquickonline.com
URL: https://production-iad.billquickonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:178c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fd36f7cbff12b9a0482c8f3ee782fbc60a87e2f08913509f71d71726f81cc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 06:04:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
cache-control
private,no-cache, no-store, must-revalidate
cf-ray
753300549e6bbb77-FRA
expires
Sat, 01 Oct 2022 06:03:30 GMT,0
css
fonts.googleapis.com/
11 KB
870 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 06:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 04:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Oct 2022 06:04:31 GMT
epayments.svg
sb.bqe.com/corepromo/images/
90 KB
91 KB
Image
General
Full URL
https://sb.bqe.com/corepromo/images/epayments.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS
static-47-180-200-210.lsan.ca.frontiernet.net
Software
BQE Server /
Resource Hash
e8e928c43ebba8f128fd17d107d421fa5d016d0dbe7d6a6329df0d14f5e766cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Oct 2022 06:04:34 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
92161
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 06 Jul 2022 02:46:39 GMT
server
BQE Server
etag
"b74d369ee290d81:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/svg+xml
cache-control
max-age=86400,no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough
expires
-1
60percent.svg
sb.bqe.com/corepromo/images/
6 KB
6 KB
Image
General
Full URL
https://sb.bqe.com/corepromo/images/60percent.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS
static-47-180-200-210.lsan.ca.frontiernet.net
Software
BQE Server /
Resource Hash
abb6a1e3576d75cca91eb7db74b6bff2c4771d25bd9a920af280025e750897f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Oct 2022 06:04:34 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
6280
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 06 Jul 2022 09:01:29 GMT
server
BQE Server
etag
"b3be3bfb1691d81:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/svg+xml
cache-control
max-age=86400,no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough
expires
-1
gear-icon.svg
sb.bqe.com/corepromo/images/
5 KB
5 KB
Image
General
Full URL
https://sb.bqe.com/corepromo/images/gear-icon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.180.200.210 Rancho Palos Verdes, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS
static-47-180-200-210.lsan.ca.frontiernet.net
Software
BQE Server /
Resource Hash
a4f9e455f1d140dc735ae4c26c0dff0896e7e3f93aa5e4a793d8711545127124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://production-iad.billquickonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Oct 2022 06:04:34 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
4948
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Wed, 06 Jul 2022 09:02:57 GMT
server
BQE Server
etag
"a6f1ba2f1791d81:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/svg+xml
cache-control
max-age=86400,no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Origin, Authorization, X-Requested-With, OPTIONS, X-AdminPortalPassThrough, X-CorePassThrough, X-HostPassThrough, X-HostPassThrough, X-HostMigratorPass, X-MigratorPass, X-CRMPortalPassThrough
expires
-1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://production-iad.billquickonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
386037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:50:34 GMT

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| selectnav object| layerSliderTransitions function| lsShowNotice function| lsPrefixes function| uaMatch function| showPromoOnPage function| ShowMessageDialog function| CloseMe function| onkey function| SetFocus number| ID object| xmlHttp function| checkDBCreation function| checkDBStatus function| checkDBStatus_Session function| processReqChange function| PostBackOnMainThread function| GetXmlHttpObject function| getQuerystring function| URLDecode function| ToggleVisibility object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight 
function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| resizesidebar object| closeButton object| $trigger

1 Cookies

Domain/Path Name / Value
production-iad.billquickonline.com/ Name: ASP.NET_SessionId
Value: y401idpqmbos04v2hbhkgtvu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
