urlscan.io logo urlscan.io
SecurityTrails logo

express.qudurat.com Open in urlscan Pro
50.28.8.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://express.qudurat.com/
Effective URL: https://express.qudurat.com/
Submission: On May 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 50.28.8.12, located in United States and belongs to LIQUIDWEB, US. The main domain is express.qudurat.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 20th 2024. Valid for: 3 months.
This is the only time express.qudurat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 50.28.8.12 32244 (LIQUIDWEB)
3 172.66.43.156 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.133.28 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.67.139.119 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
28 11
10    50.28.8.12 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.dalilk4ielts.com
express.qudurat.com
3    172.66.43.156 (United States)

ASN13335 (CLOUDFLARENET, US)
dalilk4ielts.com
1    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.67.133.28 (United States)

ASN13335 (CLOUDFLARENET, US)
qudurat.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 qudurat.com
express.qudurat.com
qudurat.com
9 MB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1866
ka-f.fontawesome.com — Cisco Umbrella Rank: 4530
101 KB
3 dalilk4ielts.com
dalilk4ielts.com
86 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
311 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
168 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 771
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
32 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
11 KB
28 8
Domain Requested by
10 express.qudurat.com express.qudurat.com
4 ka-f.fontawesome.com kit.fontawesome.com
express.qudurat.com
3 dalilk4ielts.com express.qudurat.com
dalilk4ielts.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com express.qudurat.com
www.googletagmanager.com
2 unpkg.com express.qudurat.com
1 cdnjs.cloudflare.com express.qudurat.com
1 ajax.googleapis.com express.qudurat.com
1 qudurat.com express.qudurat.com
1 fonts.googleapis.com express.qudurat.com
1 kit.fontawesome.com express.qudurat.com
28 11

This site contains no links.

Subject Issuer Validity Valid
express.qudurat.com
cPanel, Inc. Certification Authority		 2024-04-20 -
2024-07-19		 3 months crt.sh
dalilk4ielts.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
qudurat.com
GTS CA 1P5		 2024-05-15 -
2024-08-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
unpkg.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-05-03 -
2024-08-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://express.qudurat.com/
Frame ID: 2EDA26DE9E2704D7583E2BAD6BBAE8E9
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

تحدي القدرات!

Page URL History Show full URLs

  1. http://express.qudurat.com/ HTTP 307
    https://express.qudurat.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

9162 kB
Transfer

10019 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://express.qudurat.com/ HTTP 307
    https://express.qudurat.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
express.qudurat.com/
Redirect Chain
  • http://express.qudurat.com/
  • https://express.qudurat.com/
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
b71cb94e4f5fb0dab083196586aefc34b379a37c0418a81de749ac223484940a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600
content-encoding
gzip
content-length
2390
content-type
text/html; charset=UTF-8
date
Sat, 18 May 2024 11:59:47 GMT
expires
Sat, 18 May 2024 12:09:47 GMT
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://express.qudurat.com/
Non-Authoritative-Reason
HttpsUpgrades
all.min.css
dalilk4ielts.com/dk-admin/vendor/fontawesome-free/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dalilk4ielts.com/dk-admin/vendor/fontawesome-free/css/all.min.css
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
871308
alt-svc
h3=":443"; ma=86400
content-length
11814
last-modified
Sat, 20 Nov 2021 15:07:38 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIpPoJKnUIHN8JJqDJLFAlYIXHytMgrk4TylQe%2BsS5DFXaYvLmQs5So9lUXUEvM%2FGL8EnSuPZ6Z3WHao7mEVWyoKzIatkQMwWj8Fu9i9wE5xGdPARssWmpxg8NjX7VxWW2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
885baee31afa35ac-WAW
expires
Sun, 26 May 2024 13:07:27 GMT
cf637e6719.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/cf637e6719.js
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed1143f1c34c67adb5a5a1f4477a18c7b1821dab0bf555ffd7d71225dcf099

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Origin
https://express.qudurat.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
885baee34eda3a3e-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F88FI1XdU5BP10kdRFgC
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 May 2024 10:35:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 May 2024 11:59:47 GMT
fonts.css
dalilk4ielts.com/dk-admin/fonts/ 		510 B
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dalilk4ielts.com/dk-admin/fonts/fonts.css
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc5fbb9613c54390c1ebfeb40bb06c98ba3276c1f41943ab1cf28134d88dfed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1891516
cf-polished
origSize=616
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 09 Jan 2022 07:45:38 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jDSZdM69obg9X2entVNQrM%2FX6nC%2B4FW%2FBwP%2By%2FOIaTfuNOTov9tYpsR%2Bp3Hk7BaJEVPIHs4oxUMGaV%2BsVVdvsNJ5RJo26HXyqgpfqeqcdEkh2fck7uWhMGzwOGcjscLTpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
885baee31af935ac-WAW
expires
Sun, 26 May 2024 13:07:21 GMT
dk-admin.css
qudurat.com/ 		211 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qudurat.com/dk-admin.css?v=6
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9479067df6ac972246c21e54e64eca044c129718fd6d1c6d8f96ebd4b51590

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2053702
alt-svc
h3=":443"; ma=86400
content-length
30178
last-modified
Tue, 28 Nov 2023 07:36:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjbBhXlVknhHwjruBsalX3IQznK5fTgq2dLBTyrm0T%2FpaYNMpaYCGnmtSXB3ikJltuI2ZGr5ruGZ0yPy1nnRapUQMn7XYz%2Fmk5l5QrkvRHTCAt9f5wt%2Ba9sBKWGBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
885baee308e73838-FRA
expires
Fri, 24 May 2024 17:31:25 GMT
landing.css
express.qudurat.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express.qudurat.com/css/landing.css?v=6
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
5a22d23d43dc202432141d0009f8eef0116cb98aa63b85e65481eba112db0313

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 16:16:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1160
expires
Mon, 17 Jun 2024 11:59:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 May 2025 22:14:33 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5689607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10158
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTBUv4%2BOgPm%2BRbxH4eDCeiBIA6vNggqcdWJQTFbDd4O0su5e%2Fnj4jN%2B7esPA4TejxDRGx0RJnljy1S4ThfxiY%2BDb1%2FLeTn6%2B8%2BuyvJjAjVfzgHlwYX1FTeNWztDfNN1x%2FoRdlJj%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
885baee2ffe065d9-FRA
expires
Thu, 08 May 2025 11:59:47 GMT
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5689612
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRW73VV6PZEM1DDHST3D5N5N-fra
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
885baee34f2a2bb9-FRA
aos.js
unpkg.com/aos@2.3.1/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5680781
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRWFHAF8SKKDG260QG5VXNSB-fra
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
885baee34f2b2bb9-FRA
logo-v2-0.5x.png
express.qudurat.com/images/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.qudurat.com/images/logo-v2-0.5x.png
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
9c834dd70d8bd77561d25a39a16167c02f4b0508953cf3df59deabd54e3cb5a4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
last-modified
Wed, 24 Apr 2024 15:18:33 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
68429
expires
Mon, 17 Jun 2024 11:59:47 GMT
logo-white.png
express.qudurat.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.qudurat.com/images/logo-white.png
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
4aa4c78d4d9423cabfbf2e0b4d2e34681c90eb0bb0907752f96312512a32e1c9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
last-modified
Wed, 24 Apr 2024 15:18:17 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4800
expires
Mon, 17 Jun 2024 11:59:48 GMT
forest-bg.jpg
express.qudurat.com/images/ 		253 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.qudurat.com/images/forest-bg.jpg
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
2c614afd1ec5935b2dc1b7c3c375d4e69bc20580dcdef56d5acd70663822f9f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:47 GMT
last-modified
Wed, 24 Apr 2024 16:16:48 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
259022
expires
Mon, 17 Jun 2024 11:59:47 GMT
adventurer.gif
express.qudurat.com/images/ 		8 MB
8 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.qudurat.com/images/adventurer.gif
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
08cdc9ca139563f38f0306b133785fe99c0bf6d282b09265640097d9c73b45f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
last-modified
Wed, 24 Apr 2024 16:17:20 GMT
server
Apache
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8281568
expires
Mon, 17 Jun 2024 11:59:48 GMT
adventurer0.5.png
express.qudurat.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express.qudurat.com/images/adventurer0.5.png
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
4ef85f4b663e94892e03978447f28fa9cac9670fa12d094c86e6e0cb96da7191

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
last-modified
Wed, 24 Apr 2024 16:17:02 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13591
expires
Mon, 17 Jun 2024 11:59:48 GMT
gtm.js
www.googletagmanager.com/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4D3J5V9
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db35be90b560fe61e56c4a12bc87f9f993a0114e93706ae44c018a24753360d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69455
x-xss-protection
0
last-modified
Sat, 18 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 May 2024 11:59:48 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=cf637e6719
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf637e6719.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
13491
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72%2B46Q71igMEknx3UjNGGN7KkpSVN%2FiNwmtc%2BblWwQk3N99Oi9zrXheV1HsQ4Zk1nfnMmQ8wbhH%2FmexfbWlasIEJWW6d%2FSYUy9DYyWRxUhRiBPdALiFNNz%2FfB4QKWiTfVbsc2LoEIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
885baee70d0290e2-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
bE3auoW-91gYhMX02Cw8zlR-WA9yNYZIpWsZ01gr5F-8ulqp6b3CTQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=cf637e6719
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf637e6719.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
131028
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Cg9P%2BRkPIN3ExzHMRJmZQLJ1T%2B83ScJ6g2OP98OfolKr0ZusPTw3jNYftrXpFcQfofKoEfnJO%2FcgKpjafTCZeSxlFPksq3wimqHLowVxxF9H3cTTWIXiJ5GPRzvr5L%2FEdjyCiwohg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
885baee70cff90e2-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nM28T1EqFtXFEDxZgdF34cX1FBvrcN-bPBlr5BJH7-FYop-h8xsNuQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=cf637e6719
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf637e6719.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
via
1.1 ac059d7185137233d6f58dd3345e3798.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
436024
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1M%2BrU4tpmETUGG5Q86GB9lGYdGdl6Kjtvjv3EAqoXEqCimi2%2BPRsYq2%2Bt28sjQK0nZqtm1E4iLsV54vumQCSWNidNk0%2BP8e1ZL4OoubkqF3XPktKJ1bn2ulhuNt4sHlHqPhcif3dA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
885baee70cfd90e2-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
uFQIFRYQ_8DFOxbnpU9PEvtufo13EG5NIcua7j9FTjA_I8NtkNicQA==
ChildosArabic-Regular.otf
express.qudurat.com/font/ 		169 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://express.qudurat.com/font/ChildosArabic-Regular.otf
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/css/landing.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
7d7a2da1e64f04c726521342519bbc963d2040fa36dc2370d08855a0f80f7eb6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/css/landing.css?v=6
Origin
https://express.qudurat.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 15:19:12 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/otf
cache-control
max-age=172800
accept-ranges
bytes
expires
Mon, 20 May 2024 11:59:48 GMT
ChildosArabic-Bold.otf
express.qudurat.com/font/ 		160 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://express.qudurat.com/font/ChildosArabic-Bold.otf
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/css/landing.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
bb5b2faae2f23dcf4c3835438ced2cb2865180ecad7812ba0ab61ac9cdb79856

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/css/landing.css?v=6
Origin
https://express.qudurat.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 15:19:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/otf
cache-control
max-age=172800
accept-ranges
bytes
expires
Mon, 20 May 2024 11:59:48 GMT
fa-solid-900.woff2
dalilk4ielts.com/dk-admin/vendor/fontawesome-free/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dalilk4ielts.com/dk-admin/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: dalilk4ielts.com
URL: https://dalilk4ielts.com/dk-admin/vendor/fontawesome-free/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dalilk4ielts.com/dk-admin/vendor/fontawesome-free/css/all.min.css
Origin
https://express.qudurat.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 20 Nov 2021 15:07:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
160624
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqSAnUoKAtslNHD9cpDHinzAqTTO%2FvfFmSLgu8I7zyIa6ssp2vKGkXuupV8qAY9t2XGrFxFXAuCIvl94UZMrHxZfYUli5N2UXa8dt8QuDhfI6wF6OSPbNXbN8oEIoceuni0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
885baee74e07bfc1-WAW
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 05:56:35 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: express.qudurat.com
URL: https://express.qudurat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Origin
https://express.qudurat.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
1275
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nusWkTeVNzzdIlOUYIg%2FF8jpQOOul6kFlvju9U%2F7QLAw3leZNy9w4jO6Z9B3BjFGL2510JRGuQOjotf65Y9KOF9AEgEgT4bddlb9vUTKb%2B%2Fw6f3WpE%2FYEilU%2Fav5cWc43pbC7LatHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
885baee7bdad90e2-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
U5m_Ykugf6Oo9_F3PibS-TLzizvZr42B57c7YoiZfyFZCnTBa311XA==
destination
www.googletagmanager.com/gtag/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-GJTY8J9J30&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4D3J5V9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4534def4acb936dd3b0430ba6e5028bf2bbf207eafcdf5695a20d0098d32ad19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102339
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 May 2024 11:59:48 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GJTY8J9J30&gtm=45je45f0v9166152189z89166140742za200&_p=1716033587626&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1009787416.1716033589&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716033588&sct=1&seg=0&dl=https%3A%2F%2Fexpress.qudurat.com%2F&dt=%D8%AA%D8%AD%D8%AF%D9%8A%20%D8%A7%D9%84%D9%82%D8%AF%D8%B1%D8%A7%D8%AA!&en=Page%20Views&_fv=1&_nsi=1&_ss=1&tfd=1535
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GJTY8J9J30&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 18 May 2024 11:59:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://express.qudurat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon0.5x.png
express.qudurat.com/images/ 		57 KB
57 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://express.qudurat.com/images/icon0.5x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.8.12 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dalilk4ielts.com
Software
Apache /
Resource Hash
13bcb429b86c828eef205183ca2171351d50cbc8daf39c4394b96b23b146c358

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:49 GMT
last-modified
Wed, 24 Apr 2024 15:18:02 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
58197
expires
Mon, 17 Jun 2024 11:59:49 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GJTY8J9J30&gtm=45je45f0v9166152189za200&_p=1716033587626&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1009787416.1716033589&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1716033588&sct=1&seg=0&dl=https%3A%2F%2Fexpress.qudurat.com%2F&dt=%D8%AA%D8%AD%D8%AF%D9%8A%20%D8%A7%D9%84%D9%82%D8%AF%D8%B1%D8%A7%D8%AA!&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6545
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GJTY8J9J30&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://express.qudurat.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 18 May 2024 11:59:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://express.qudurat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| FontAwesomeKitConfig function| $ function| jQuery object| AOS function| getUrlParam function| setUtmSourceAndCampaign function| swapImages function| separator object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.qudurat.com/ Name: _ga
Value: GA1.1.1009787416.1716033589
.qudurat.com/ Name: _ga_GJTY8J9J30
Value: GS1.1.1716033588.1.0.1716033588.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
dalilk4ielts.com
express.qudurat.com
fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
qudurat.com
region1.google-analytics.com
unpkg.com
www.googletagmanager.com
104.17.25.14
172.66.43.156
172.67.133.28
172.67.139.119
2001:4860:4802:32::36
2606:4700:4400::6812:2844
2606:4700::6811:f7cb
2a00:1450:4001:808::200a
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
50.28.8.12
08cdc9ca139563f38f0306b133785fe99c0bf6d282b09265640097d9c73b45f1
13bcb429b86c828eef205183ca2171351d50cbc8daf39c4394b96b23b146c358
15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
2c614afd1ec5935b2dc1b7c3c375d4e69bc20580dcdef56d5acd70663822f9f9
4534def4acb936dd3b0430ba6e5028bf2bbf207eafcdf5695a20d0098d32ad19
4aa4c78d4d9423cabfbf2e0b4d2e34681c90eb0bb0907752f96312512a32e1c9
4cc5fbb9613c54390c1ebfeb40bb06c98ba3276c1f41943ab1cf28134d88dfed
4ef85f4b663e94892e03978447f28fa9cac9670fa12d094c86e6e0cb96da7191
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
5a22d23d43dc202432141d0009f8eef0116cb98aa63b85e65481eba112db0313
5d9479067df6ac972246c21e54e64eca044c129718fd6d1c6d8f96ebd4b51590
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7d7a2da1e64f04c726521342519bbc963d2040fa36dc2370d08855a0f80f7eb6
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9c834dd70d8bd77561d25a39a16167c02f4b0508953cf3df59deabd54e3cb5a4
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
b71cb94e4f5fb0dab083196586aefc34b379a37c0418a81de749ac223484940a
bb5b2faae2f23dcf4c3835438ced2cb2865180ecad7812ba0ab61ac9cdb79856
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
db35be90b560fe61e56c4a12bc87f9f993a0114e93706ae44c018a24753360d5
e0ed1143f1c34c67adb5a5a1f4477a18c7b1821dab0bf555ffd7d71225dcf099
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda