Domain > order.withqikserve.us

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2023-08-09	104.26.1.134 (ClassC)
2025-11-23	172.67.69.107 (ClassC)

HTTP/1.1 200 OKDate: Sun, 23 Nov 2025 17:43:10 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveServer: cloudflareNel: {report_to:cf-nel,success_fraction:0.0,max_age:604800}expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatepragma: no-cachevary: Accept-EncodingReport-To: {group:cf-nel,max_age:604800,endpoints:{url:https://a.nel.cloudflare.com/report/v4?sWMGUklnuTfydhJPCf5wqZ07%2F94TLSztX%2Bg5hkrfqMA1aSnQ4SgdMAwpnydOTKPkCd0w6xorLNMCNdmxPdCaSoHC5%2Fw3TqHO%2Fjf3QhzUnTQn%2BQA%3D%3D}}cf-cache-status: DYNAMICSet-Cookie: PHPSESSIDc9bab7b7d994bc14d320a4837544d258; HttpOnly; SameSiteNone; Secure; Path/CF-RAY: 9a3277a13a28efb8-PDX

!doctype html>html>head>  meta charsetUTF-8>  meta namedescription contentOnline orders>  meta nameviewport contentwidthdevice-width, heightdevice-height, user-scalableno, initial-scale1.0, maximum-scale1.0 />    title translate>Order & Pay/title>  base href/>  script>window._PREO_DATA  {_CDNROOT:https:\/\/cdn.withqikserve.us\/,_CDNHOST_IMAGE:https:\/\/preo2.gumlet.io\/,_WEBAPP:https:\/\/manage.withqikserve.us\/,_SESSION:c9bab7b7d994bc14d320a4837544d258,_SESSION_PATH:,_GOOGLE_MAPS_KEY:AIzaSyAWu_DjZ9HiTg48lw-xO4tTtiFNfJa8aeQ,_DIGIMAP_KEY:hdV06J7TGGHITpN,_DIGIMAP_API_ROOT:https:\/\/cafv3.digimap.je\/v3,_PERMALINK:{id:574,permalink:order.withqikserve.us,domainId:null,applicationId:null,venueId:null,singleVenueId:null,arrayPermalinks:order.withqikserve.us,parentId:null,applicationToken:null,requireSso:0,facebookPixelId:null,googleAnalyticsId:null,googleAnalyticsFourId:null,hotjarId:null,oneTrustConfig:null,facebookDomainCode:null,analyticsKeys:,created:2020-05-21T22:21:49.000+0000,updated:2020-05-21T22:28:50.000+0000,domain:{domain:preoday,type:USERPASS,description:null,isPhoneFlag:0,verifyPhoneFlag:0,verifyEmailFlag:0,marketingOpt:1,acceptTermsFlag:0,localeCountry:GB,guestCheckoutFields:,marketingTextTitle:null,marketingTextSuccess:null,buttonText:Signin With preoday,buttonColour:null,buttonTextColour:null,blockDomains:null,errorMessage:null,redirectUrl:null,minLength:0,minNumbers:0,minSpecialChars:0,minCapitals:0,monthEmailInactiveUsers:null,monthDeleteInactiveUsers:null,allowSignup:1,allowSignIn:1,allowSignInByPhone:1,allowForgetPassword:1,requiresPassword:true,notAllowInternationalPhone:false,created:null,isOpenID:false},channel:null,venues:,webSettings:null,mobileSettings:null,hasDelivery:0,hasCollection:0,hasToSeat:0,isMultiBranch:0,host:order.withqikserve.us,settings:{country:null,venueCount:0,hasDelivery:0,hasCollection:0,hasToSeat:0,isMultiBranch:0,features:,locale:null,availableLanguages:,ccy:GBP,ccySymbol:\u00a3,currency:\u00a3},rtl:false,availableLanguages:,analyticsCrossDomainList:,locale:null},_SENTRY_ENVIRONMENT:prod,_SENTRY_PROJECT_KEY:https:\/\/4b918d2a8fb348ebaf741c44dd8b2d57@o124673.ingest.sentry.io\/274707,_STATIC_MENU:false,_PREODAY_GA:G-8XPL2SEZXK,_ALLOWED_BRIDGES:YoyoQsJSBridge,QSJSBridge,_RTL:null,_COMPONENTS_URL:https:\/\/ui.withqikserve.us\/,_QIKPAY_URL:https:\/\/pay.withqikserve.us\/}/script>      link href/images/favicon.ico relshortcut icon />  link relstylesheet href/fonts/fonts.css>  style>    body {      margin: 0;      padding: 0;      border: 0;    }    #webordersv2 {      display: none;    }    #preo-spinner {      position: fixed;      top: 0;      right: 0;      bottom: 0;      left: 0;      z-index: 999999;      display: flex;      align-items: center;      justify-content: center;      width: 100%;      height: 100%;      margin: 0;      padding: 0;      background-color: var(--spinner-backdrop-bg, rgba(255, 255, 255, 0.9));    }    #preo-spinner.hidden {      display: none !important;    }    #preo-spinner svg {      width: var(--spinner-size, 64px);      height: var(--spinner-size, 64px);      margin: 0;      animation: preo-spinner-rotate 1.4s linear infinite;    }    #preo-spinner svg circle {      fill: none;      stroke-width: var(--spinner-stroke-width, 4px);      stroke-miterlimit: 10;      stroke-dasharray: 2,400px;      stroke-dashoffset: 0;      stroke-linecap: round;      animation: preo-spinner-dash 1.4s ease-in-out infinite;    }    #preo-spinner svg circle:not(stroke) {      stroke: var(--spinner-stroke-color, var(--color-primary, #0021a1));    }    @keyframes preo-spinner-rotate {      100% {        transform: rotate(360deg);      }    }    @keyframes preo-spinner-dash {      0% {        stroke-dasharray: 2,400px;        stroke-dashoffset: 0px;      }      50% {        stroke-dasharray: 187px;        stroke-dashoffset: -92px;      }      100% {        stroke-dasharray: 187px;        stroke-dashoffset: -185px;      }    }  /style>  script>    function qikserveDispatchNativeEvent(event,payload) {        //if we have allowed native bridges and it its available in the browser we try to post it.          if(!!window._PREO_DATA._ALLOWED_BRIDGES){            var allowedBridgeswindow._PREO_DATA._ALLOWED_BRIDGES.split(,);              allowedBridges.forEach(function(bridgeName){                if (window.webkit && window.webkit.messageHandlers) {                  var definedBridge  window.webkit.messageHandlersbridgeName;                  definedBridge && definedBridge.postMessage(event,payload || {})                } else {                  windowbridgeName && windowbridgeName.postMessage(event,payload || {})                }              })          }        }    function removeQueryParams(param) {      if (window.URLSearchParams) {        var queryParams  new URLSearchParams(window.location.search);        queryParams.delete(param);        var newUrl  window.location.pathname;        if (queryParams.toString().length > 0) {          newUrl  newUrl + ? + queryParams.toString();        }        history.replaceState(null, null, newUrl);      }    }    function removeOrderIdFromSessionStorage() {      window.sessionStorage.removeItem(orderId);    }    (function() {      // This is a hotfix to get the orderDetailId      // and the orderId and redirect to the correct view with the hash      // because the redirect in the PHP side loses the hash      // in safari browsers when having the nginx as a reverse proxy      var getQueryParams  function(params, url) {        var href  url;        //this expression is to get the query strings        var reg  new RegExp( ?& + params + (^&#*), i );        var queryString  reg.exec(href);        return queryString ? queryString1 : null;      };      var orderDetailId  getQueryParams(orderDetailId, window.location.href);      var orderId  getQueryParams(orderId, window.location.href);      var responseCode  getQueryParams(responseCode, window.location.href);      var transactionId  getQueryParams(transactionId, window.location.href);      var showPaymentMethodModal  getQueryParams(showPaymentMethodModal, window.location.href);      // Remove responseCode and transactionId from url query params when returning from external      // url of payment provider (e.g. Nets)      if (responseCode) {        removeQueryParams(responseCode);      }      if (transactionId) {        removeQueryParams(transactionId);      }      if (showPaymentMethodModal) {        removeQueryParams(showPaymentMethodModal);      }      if (orderDetailId) {        // We execute the removeQueryParams method before defining        // a hash so that the hash is not overwritten        removeQueryParams(orderDetailId);        removeOrderIdFromSessionStorage();        window.location.hash  /main/order/ + orderDetailId;        qikserveDispatchNativeEvent(ORDER_PLACED);      } else if (orderId) {        removeQueryParams(orderId);        removeOrderIdFromSessionStorage();        window.location.hash  /main/reorder/ + orderId;      } else {        orderId  window.sessionStorage.getItem(orderId);        if (orderId) {          removeOrderIdFromSessionStorage();          window.location.hash  /main/reorder/ + orderId;        }      }    }());  /script>/head>body classclick-and-collect>  div tabindex-1 idpreo-spinner>    svg viewBox0 0 50 50>      circle cx25 cy25 r20 />    /svg>  /div>  div idwebordersv2    data-preo-permalink    data-preo-outlet-id    data-preo-outlet-location-id    data-preo-table-number    data-preo-event-date    data-preo-user-postcode    data-preo-user-address    data-preo-user-address-id    data-preo-processing-payment>  /div>  !-- @@FOOTER -->  !-- @@CSSOVERRIDE -->  !-- @@SERVER_QUERY_PARAMS -->script defer srcjs/preoday.vendors.5d431d3adc79ee8168b1.js>/script>script defer srcjs/preoday.vendor.e8a357a7f87aca404159.js>/script>script defer srcjs/preoday.app.edc25c70205435cf4d67.js>/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > order.withqikserve.us

Is this malicious?

DNS Resolutions

Port 80

Port 443