Submitted URL: https://www.accountant-construction.com/
Effective URL: https://www.thequickbooksguy.org/
Submission: On May 06 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 69.16.232.109, located in the United States and belonging to LIQUIDWEB, US. The main domain is www.thequickbooksguy.org.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 6th 2022. Valid for: 3 months.
This is the only time www.thequickbooksguy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 69.16.232.109 32244 (LIQUIDWEB)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
33 8
Apex Domain | Subdomains | Transfer
18 thequickbooksguy.org | www.thequickbooksguy.org | 957 KB
5 gstatic.com | fonts.gstatic.com | 107 KB
4 fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 1448 | 132 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 111 | 2 KB
2 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1095 | 35 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 341 | 7 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 936 | 30 KB
1 accountant-construction.com | www.accountant-construction.com | 224 B
33 8
Domain Requested by
18 www.thequickbooksguy.org www.thequickbooksguy.org
5 fonts.gstatic.com fonts.googleapis.com
4 use.fontawesome.com www.thequickbooksguy.org
use.fontawesome.com
2 fonts.googleapis.com www.thequickbooksguy.org
2 maxcdn.bootstrapcdn.com www.thequickbooksguy.org
1 cdnjs.cloudflare.com www.thequickbooksguy.org
1 code.jquery.com www.thequickbooksguy.org
1 www.accountant-construction.com 1 redirects
33 8
Subject | Issuer | Validity | Valid
thequickbooksguy.org | ZeroSSL RSA Domain Secure Site CA | 2022-05-06 - 2022-08-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months

This page contains 1 frame:

Primary Page: https://www.thequickbooksguy.org/
Frame ID: 1B23A58AEDA927E55B2459C2D2A32A66
Requests: 35 HTTP requests in this frame

Page Title

Virtual Bookkeeping Services | QuickBooks Support | Payroll

Page URL History

  1. https://www.accountant-construction.com/ HTTP 301
    https://www.thequickbooksguy.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 86 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 1269 kB
Size: 1524 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.accountant-construction.com/ HTTP 301
    https://www.thequickbooksguy.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.thequickbooksguy.org/
Redirect Chain
  • https://www.accountant-construction.com/
  • https://www.thequickbooksguy.org/
28 KB
28 KB
Document
General
Full URL
https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 / PHP/5.4.45
Resource Hash
0be396cb1ef102e42543ba6af206fb8a87ad4fd9d8fde248ee50affe62f597d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 06 May 2022 19:29:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.2.34
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45

Redirect headers

Connection
close
Content-Length
241
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 06 May 2022 19:29:12 GMT
Location
https://www.thequickbooksguy.org/
Server
Apache/2.2.34
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thequickbooksguy.org/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
863
access-control-allow-origin
*
cdn-cachedat
03/16/2022 19:54:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"450fc463b8b1a349df717056fbb3e078"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
292ec1f5c686f9e5beaf780cd2a2e98b
cf-ray
70741f9cdc349a2d-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Referer
https://www.thequickbooksguy.org/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:13 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MHSV0PJW20TK8XK8
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ChVccJNzo62s8bVJ1PwtLN3eK+IuLXMxBVIFHrN6Hm9a/G5Tax1MxpWr4eom1XlWCeYfDHzdl/E=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT1AAB19m1Yma4KHKOeohZRfUSLUvobTZk4%2BLTvNx0QNXgQvL0uyhtKBbd%2Bb3N7A%2Fz82IL7L8FKLevJyQY6%2FH%2BO7aUf6sCzOtm0DsiwPB6RFwbasulHFnT7ZiNf98JXU0a4RcXHK8TjRHyxaOoc%2BFM4z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
70741f9cb95091f5-FRA
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9bdfc045a978ddccb2326740ccdf355472a2d0c9a2d2e9762b4a97269a7feaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 May 2022 18:55:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 06 May 2022 19:29:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 May 2022 19:29:13 GMT
css
fonts.googleapis.com/
4 KB
597 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c0af72794572a2a76cb7b987ee3968f27f5ba31cb54ae0b4db990c88c5e360f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 May 2022 19:29:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 06 May 2022 19:29:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 May 2022 19:29:13 GMT
byf-animate.css
www.thequickbooksguy.org/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://www.thequickbooksguy.org/css/byf-animate.css
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
3adf7098f0bafa0f7039faace9658758e18523c2e8b3d6e468fa290bba9492c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Wed, 15 Aug 2018 17:24:33 GMT
Server
Apache/2.2.34
ETag
"a61e6e-b4e-5737c9999ac62"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2894
main420.css
www.thequickbooksguy.org/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://www.thequickbooksguy.org/css/main420.css?v=1.00
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
6c14bc417fc0048d5c24ed74d9d4aca966169d530a96ecf937c75f7459c5ffea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Wed, 15 Aug 2018 17:24:33 GMT
Server
Apache/2.2.34
ETag
"a61e6f-93b3-5737c9999b04a"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
37811
site.css
www.thequickbooksguy.org/
6 KB
7 KB
Stylesheet
General
Full URL
https://www.thequickbooksguy.org/site.css?v=1.03
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
e863b6802b3d9cafbca6cd06636275eaacfa1d5185a58ec73b75add79c43d672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Mon, 23 Aug 2021 14:56:32 GMT
Server
Apache/2.2.34
ETag
"a61eb9-19a1-5ca3b39076a5c"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
6561
Quickbooks-Guy-Logo.png
www.thequickbooksguy.org/site_images/
11 KB
12 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/Quickbooks-Guy-Logo.png
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
6956569caa1c23ab7d313240e68a4bd7062dafccd3b32769903548e3e4e6ff48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Mon, 15 Jun 2020 08:42:43 GMT
Server
Apache/2.2.34
ETag
"a62e0e-2d3b-5a81b69082917"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
11579
virtual2.jpg
www.thequickbooksguy.org/site_images/
110 KB
111 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/virtual2.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
86671b17393d16cdc567a736b2066a0251e6862fc4a510c46ea044a59ca359e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Mon, 09 Aug 2021 18:57:31 GMT
Server
Apache/2.2.34
ETag
"a62f7b-1b986-5c924f51491c3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
113030
750-1.jpg
www.thequickbooksguy.org/site_images/
158 KB
158 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/750-1.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
7c8c20bb757369f4dd8befcb680863fda0cc76ebc344db9b1941161947b06168

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Thu, 11 Jun 2020 21:09:34 GMT
Server
Apache/2.2.34
ETag
"a62cda-277e2-5a7d560a71527"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
161762
virtual-payroll.jpg
www.thequickbooksguy.org/site_images/
85 KB
86 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/virtual-payroll.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
acee68cb3b7a961c92b100c794a901b4ef1ae868389071db467415de770cf379

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 20:08:20 GMT
Server
Apache/2.2.34
ETag
"a62f19-155bc-5c925f253cc62"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
87484
keyboard-hands.jpg
www.thequickbooksguy.org/site_images/
29 KB
29 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/keyboard-hands.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
4d859246ef76d6dcd92ad1cba18fc00f3ccaacafbb22c4cba1bf5288843120dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 18:20:29 GMT
Server
Apache/2.2.34
ETag
"a61ebe-744e-5c92470ac86c2"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
29774
qbnew.jpg
www.thequickbooksguy.org/site_images/
40 KB
40 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/qbnew.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
b1d41b755e8646826844384c354195784c1dc5428dbc599afdf7ec279f1f93d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 20:05:48 GMT
Server
Apache/2.2.34
ETag
"a62e4f-9ec4-5c925e948855b"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
40644
online-woman.jpg
www.thequickbooksguy.org/site_images/
47 KB
48 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/online-woman.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
b5d19a6f8ad54d064f1aacf74f8e95797fe6a338c7adef5082015ffe88a38e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 18:43:42 GMT
Server
Apache/2.2.34
ETag
"a61ec3-bdb8-5c924c3a7401a"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
48568
Desktop.png
www.thequickbooksguy.org/site_images/
14 KB
14 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/Desktop.png
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
9cd6d442c1737377dba843f790099108e3a0e4b08aaa01a993be29df18b9bd3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Fri, 24 Aug 2018 16:42:38 GMT
Server
Apache/2.2.34
ETag
"a62ef9-381e-5743110429812"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
14366
Online.png
www.thequickbooksguy.org/site_images/
14 KB
14 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/Online.png
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
4e03f3f0586ccec54bfa359be11417b55fb492c860c97d3ec39b61cf734689a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Fri, 24 Aug 2018 16:42:38 GMT
Server
Apache/2.2.34
ETag
"a61eba-3856-5743110429812"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
14422
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://www.thequickbooksguy.org/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1651865353.dop128.am5.t,1651865353.cds300.am5.hn,1651865353.cds006.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thequickbooksguy.org/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
763499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9xDX4ZXuxlm%2FFypxphzHo9ZrpIPRr9%2FwrKX9fevzd7EWtGxhGWqu9mzsULfQm34ukvnQXU3u1GlPbZSbemb8X%2FYxW%2BCQ5Jv05KNCrNfp03mZWRENqlP8DTu6ibs6X3En30c%2BSSaXu%2FIuHRi4ei%2BJysf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70741f9cde13910c-FRA
expires
Wed, 26 Apr 2023 19:29:13 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
13 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thequickbooksguy.org/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
864
access-control-allow-origin
*
cdn-cachedat
03/12/2022 06:17:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8d1112ecdafb92ccc19f4ebe611ad726
cf-ray
70741f9cdc379a2d-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
layout420.js
www.thequickbooksguy.org/js/
3 KB
3 KB
Script
General
Full URL
https://www.thequickbooksguy.org/js/layout420.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
a1dc79e09084af001d0a724e61672432ffeaaae7638f51cb4bf142246abafe42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:13 GMT
Last-Modified
Wed, 15 Aug 2018 17:24:33 GMT
Server
Apache/2.2.34
ETag
"a61e96-c82-5737c9999893a"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3202
byf-animate.js
www.thequickbooksguy.org/js/
1 KB
1 KB
Script
General
Full URL
https://www.thequickbooksguy.org/js/byf-animate.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
561ecfc6b61c9ac6b9f1ae153d2142a9bc64429d3dd010641eb0033a13d9ad05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Wed, 15 Aug 2018 17:24:33 GMT
Server
Apache/2.2.34
ETag
"a61e97-446-5737c99998d22"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1094
svg.js
www.thequickbooksguy.org/js/
1 KB
1 KB
Script
General
Full URL
https://www.thequickbooksguy.org/js/svg.js
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
22782b61f69e9689cf688ee4fe9df9ef111adedd35f696f5efe6db7a8c332801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Wed, 15 Aug 2018 17:24:33 GMT
Server
Apache/2.2.34
ETag
"a61e98-46a-5737c99998d22"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1130
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
cloud-home3.jpg
www.thequickbooksguy.org/site_images/
217 KB
217 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/cloud-home3.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/site.css?v=1.03
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
e10fa58ee85999ef965e76d06507cc50655e631a452afb13e4ca6518e0d70539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/site.css?v=1.03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 18:11:27 GMT
Server
Apache/2.2.34
ETag
"a62ddf-36252-5c92450579377"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
221778
cloud-background2.jpg
www.thequickbooksguy.org/site_images/
147 KB
147 KB
Image
General
Full URL
https://www.thequickbooksguy.org/site_images/cloud-background2.jpg
Requested by
Host: www.thequickbooksguy.org
URL: https://www.thequickbooksguy.org/site.css?v=1.03
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.232.109 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
buildyourfirm.com
Software
Apache/2.2.34 /
Resource Hash
59584fc33decbb4aa790f9f8829d3831fc18ab6b38bcb6dae472426e2282099c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thequickbooksguy.org/site.css?v=1.03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 06 May 2022 19:29:14 GMT
Last-Modified
Mon, 09 Aug 2021 18:14:15 GMT
Server
Apache/2.2.34
ETag
"a61ebc-24b4e-5c9245a5e374e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
150350
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
49 KB
50 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:14 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5N36PYKE9GCC9M5X
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50372
x-amz-id-2
3IXaBYC46rdHPOXSQN+gf2OqV2ejBVfK2QnH1SHj7kcqKFqAk+deuRTTwpVW4iwPeGVlF9eqfE0=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"8a8c0474283e0d9ef41743e5e486bf05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bu51SrHFYpQBQ0U%2BPusGd5j8lLcDWDrnWtU5HNuY3sOqT8ClPw7qITKaLNOHLiDmLo7jT7wdW3NDepeYWrhImNs0Qn16Xhq8V%2BDueX1gJ2BpDHwIVE0m0IbZ55cj1djJNkHcQ6ihuNf0afDbuXuIyg4x"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
70741f9fff5691f5-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 22:45:07 GMT
x-content-type-options
nosniff
age
247447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:45:07 GMT
LDIxapCSOBg7S-QT7p4HM-Y.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 21:25:50 GMT
x-content-type-options
nosniff
age
165804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14976
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:42:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 21:25:50 GMT
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:35:38 GMT
x-content-type-options
nosniff
age
172416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15084
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:35:38 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
12 KB
12 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:14 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5N322YZNWNE9MCJJ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12188
x-amz-id-2
YSNh492Nh6OcZ7M8sHi0w0aOTK/YrJfDWwOY1FzuLJv3smwRCu9LNFuvJI3ObbmXzHviosA7Xd8=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"33f727ccde4b05c0ed143c5cd78cda0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksa4oaOIgAlt6%2F2%2BSXHY%2B1HezZtBzk15H%2Bg%2BorEaKaTc46P245TgWx1BV8N8SLeysC4%2B8WcC3Am6bP3NS2lJkZ6V0sTCS3MXjgbB33G0CzLDSsl0F7Be5aUe0x8ILqo2gsooY7%2FBYquc5z3vo4tv%2FRY4"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
70741f9fff5a91f5-FRA
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 20:17:00 GMT
x-content-type-options
nosniff
age
169934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 20:17:00 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v28/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 22:53:49 GMT
x-content-type-options
nosniff
age
246925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17768
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:53:49 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
60 KB
60 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://www.thequickbooksguy.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:29:14 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5N31C6ZF9BE81FB0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61336
x-amz-id-2
H/Db05bXO3qBOr9b1u4DS4h4rMlEP2WOCXHabyRdoqdm96cwnxbHFE12EMBhzVSa3G8ZGblIlkA=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"3654744dc6d6c37c9b3582b57622df5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMrrqLTBYTCLqWsz%2FEs3TcchTIjKwDcLrO%2BluI8wHAwLbxlKMertRQPfG6k6Xae1vKQBVULEV38zidGZEg673SAI5OIiAbXBq08NSvhiWGxDAwDVsui%2FSgmnsu3YmvXuJ71CYFyaVWInfqwpNFkqK%2B8D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
70741f9fff5e91f5-FRA

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
function| $
function| jQuery
function| Popper
object| bootstrap
object| _0xfb44

1 Cookies

Domain/Path Name / Value
www.thequickbooksguy.org/ Name: PHPSESSID
Value: 39ab1dba06d353f85f147c83edfe4e30

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
