kurdshield.com Open in urlscan Pro
162.0.215.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kurdshield.com/
Submission: On November 15 via automatic, source urlhaus (November 15th 2022, 10:33:00 pm UTC) — Scanned from DE

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 58 HTTP transactions. The main IP is 162.0.215.15, located in United States and belongs to NAMECHEAP-NET, US. The main domain is kurdshield.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 16th 2022. Valid for: a year.

This is the only time kurdshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	162.0.215.15 162.0.215.15	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:401... 2a00:1450:4013:c01::451	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	76.76.21.142 76.76.21.142	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
58	12

16 162.0.215.15 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium182-4.web-hosting.com

kurdshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xamxoran.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c01::451 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

fonts.sandbox.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.142 (United States)

ASN16509 (AMAZON-02, US)

shtakanm.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	380 KB
10	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	191 KB
10	kurdshield.com kurdshield.com	244 KB
6	xamxoran.xyz xamxoran.xyz	14 KB
5	google.com fonts.sandbox.google.com — Cisco Umbrella Rank: 174792 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	3 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	9 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 790	9 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709	914 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	751 B
2	vercel.app shtakanm.vercel.app	187 KB
58	11

	Domain	Requested by
10	cdn.jsdelivr.net	kurdshield.com
10	kurdshield.com	kurdshield.com xamxoran.xyz
8	pagead2.googlesyndication.com	kurdshield.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	xamxoran.xyz	kurdshield.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.googleapis.com	kurdshield.com
4	unpkg.com	2 redirects kurdshield.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	shtakanm.vercel.app	kurdshield.com
2	fonts.sandbox.google.com	kurdshield.com
1	www.google.com	tpc.googlesyndication.com
58	14

This site contains links to these domains. Also see Links.

Domain
t.me
instagram.com
facebook.com
discord.gg

Subject Issuer	Validity	Valid
kurdshield.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-16` - `2023-02-16`	a year	crt.sh
sandbox.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
xamxoran.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-06-19` - `2023-06-19`	a year	crt.sh
*.vercel.app R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://kurdshield.com/
Frame ID: 13882FAF2CB3648E4DB810C8B8F4E258
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 2E9D36DAE41D18CD4C1457E1CBEAF7D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2402892917838807&output=html&adk=1812271804&adf=3025194257&lmt=1664715708&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkurdshield.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668551574842&bpp=2&bdt=917&idt=157&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=284239191211&frm=20&pv=2&ga_vid=505210778.1668551575&ga_sid=1668551575&ga_hid=1396363660&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777508%2C44770881%2C44769661&oid=2&pvsid=3781166436433492&tmod=175114788&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=174
Frame ID: 3D1F76C8AE745FFA7989F7008BDAAF30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 2A948DA97A09A2D85F1C91561C18F6E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2402892917838807&output=html&adk=1812271804&adf=3025194257&lmt=1664715708&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkurdshield.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668551576270&bpp=2&bdt=862&idt=94&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D232bc795bda4b107-223b383fb6ce00a2%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MZfU7Ael_c7df-BTNoarkVvkfhDEQ&gpic=UID%3D00000b81bfa0d83d%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MYg4eHRjbr0n8v6R7u2WW4p9xnDdA&nras=1&correlator=4292312638805&frm=20&pv=2&ga_vid=1726997637.1668551576&ga_sid=1668551576&ga_hid=8856738&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070763%2C44770881%2C44769662&oid=2&pvsid=3414153315612164&tmod=322928656&uas=0&nvt=2&ref=https%3A%2F%2Fkurdshield.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
Frame ID: 92399111A16833A109A17B1D96EB49CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 516C07A4E76FF888D55504C1392F3E18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB834BA83735208B84B40186D46001D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KurdShield

Page URL History Show full URLs

https://kurdshield.com/ Page URL
https://kurdshield.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

58
Requests

97 %
HTTPS

83 %
IPv6

11
Domains

14
Subdomains

12
IPs

3
Countries

1040 kB
Transfer

3033 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/kurdshieldstore
Title: تێلێگرام

Search URL Search Domain Scan URL

URL: https://instagram.com/abdo.phonne
Title: ئینستاگرام

Search URL Search Domain Scan URL

URL: https://facebook.com/kurdshield
Title: فەیسبووک

Search URL Search Domain Scan URL

URL: https://discord.gg/7ftNjdwWU8
Title: دیسکۆرد

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kurdshield.com/ Page URL
https://kurdshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Request Chain 30

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
kurdshield.com/ 7 KB
3 KB 551ms
190ms Document
text/html 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 97709fcf52623c387fa437df7f270dbdaa00f7633f9a9362aaf4d1a98448035a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 2407
content-type: text/html
date: Tue, 15 Nov 2022 22:32:53 GMT
last-modified: Sun, 02 Oct 2022 13:01:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.sandbox.google.com/ 703 B
971 B 773ms
678ms Stylesheet
text/css 2a00:1450:4013:c01::451
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.sandbox.google.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c01::451 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c737c5e34dbf5cc01116815f51dcaba0235c81b3114abe3fdf3eb649a7531f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:32:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:54 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 93ms
41ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17353728
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA, cache-itm18849-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfCu2t5gFXxRPDc8W50YwR%2BTUKc10xILkmksTBOrIznALqQfGili5ltvit5z2PeTMRglPmbx4Mn55HwwgWgZ%2FBInZbXOZIaqFJfoZl7CnuYk4Tiha%2BKMNIuyQ%2Bxbs0r7LkaDeZjrBasLSPqaI8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab72096cd8911f-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 91ms
40ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697070
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y7xPHojvIXMaPGcAKeHteXFFh1TIXRvw87ZhyNtPGzSCKGGOxsg9BE12oFbJdLEfcOratsYpffjWhwiSlHyG0xQgs153k06aZL58IyGRyEc%2BjI6ZMoP11zw%2BsTlYftWDgdum5uC6vrlcC2zFtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab72096ce0911f-FRA

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ 18 KB
7 KB 79ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697068
x-jsd-version: 2.10.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19147-FRA, cache-hhn4025-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIz1JfJRX2dtKPwV4XTbv5XwkjzbjYOl4maY5ek2sm2G2uAML7QuryhkNXmwbqWZT4d5GBVIsG%2FxQqFkksVpLP2zd892T0dsgeWgUImq%2FCKaEihVRy7tEp0QM8LIUbln1Yz9yBpcYz6xg2iDQjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab72096ce1911f-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 58 KB
17 KB 111ms
60ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697068
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fpvuuj5jj8Gcnk8cNTMzj9UKssFCmARq2%2F7D7Nwq4E8qtx2%2Fps4KyEeUFgw62rG6bEkrFNT7rG1rKGdtHcujTCx0G1uDX6eFIybBPlo6pFBQT6eGy2efqmj5Jxb%2FQ5DutKD%2BDbyQcoB0sTE4sI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab72096ce3911f-FRA

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
5 KB

28ms
27ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25454301
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT83NCPQWRF53R9GQQCMCD9K
server: cloudflare
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ab7209ab8abc04-FRA

Redirect headers

date: Tue, 15 Nov 2022 22:32:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GHYPHMY6MRE0Y5ZSP6D8NNFE-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 241
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 76ab72097afebc04-FRA

GET
H2 200 e1.css
kurdshield.com/assets/ 3 KB
1000 B 178ms
177ms Stylesheet
text/css 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/assets/e1.css
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: aa3fc7c30eab9ca680cfb99d561edc475a6a8fa656970bde73a03b14263ad608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 09:05:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 780
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/ 141 KB
22 KB 112ms
61ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697062
x-jsd-version: 4.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-hhn4026-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"235ed-iVElpFIqOxDuetoG7mUDWHy/lcU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtoGdXBbwK9VwK2jeQAQohGKYuhBKLzJfVBsYusgWvxFw8uGwVuqphATndphWAvHg6IFRuMpJYxbYWD6Ap%2BDYM2I6nY4NjZG%2Fj4YzKxkKpOywVvoCEBZX%2B6JSSHlfnhmxaRpIoHMIfADdiURgRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab72096cdd911f-FRA

GET
H2 200 css2
fonts.googleapis.com/ 695 B
965 B 92ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b8bb85ac631944d93a68b4a5f18afb0e24a9c53837006dc179936badb03d026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:32:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

392076ae65b15a31ac20c0479ccfb3ca795e22b2a6f993e366c5604ab19bd0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54966
x-xss-protection: 0
server: cafe
etag: 18328348626121972923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 22:32:54 GMT

GET
H2 200 icon.png
kurdshield.com/ 16 KB
0 524ms
523ms Image
image/png 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kurdshield.com/icon.png
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
last-modified: Mon, 29 Aug 2022 08:16:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 102262
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 KurdShield.png
kurdshield.com/ 68 KB
68 KB 177ms
177ms Image
image/png 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kurdshield.com/KurdShield.png
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
last-modified: Mon, 19 Sep 2022 08:48:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69202
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 ma.js Show response
kurdshield.com/assets/ 191 B
404 B 177ms
176ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/assets/ma.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 794e3c4afe9ca2e9fc20e18c835e5528b0801758f2ed2b84b319670aa7871907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
last-modified: Mon, 19 Sep 2022 08:40:54 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 191
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 disableMouseRightClick.js Show response
xamxoran.xyz/ 289 B
502 B 565ms
176ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/disableMouseRightClick.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7de9a42c418580c57556d20e459e4c45829afb46a556addb70a884db74214fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
last-modified: Sun, 19 Jun 2022 18:51:50 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 289
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 gamep.js Show response
xamxoran.xyz/ 15 KB
5 KB 177ms
177ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/gamep.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d69573a353925ca86b75fe0c07a04cb1d34cb743237bd3015262d9e08f2533e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
last-modified: Sun, 19 Jun 2022 18:51:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4561
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 hhama.js
xamxoran.xyz/ 4 KB
2 KB 315ms
314ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/hhama.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
last-modified: Sun, 19 Jun 2022 18:51:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1395
expires: Tue, 22 Nov 2022 22:32:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
549 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo:wght@600&display=swap

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/assets/e1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36746aba591a5adf99393fa241096c3f4e6555b641d337c03a37f41b7f0bc451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 21:58:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:54 GMT

GET
H2 200 hama.ttf
shtakanm.vercel.app/ 320 KB
94 KB 78ms
26ms Font
font/ttf 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shtakanm.vercel.app/hama.ttf

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.142 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5875e28b47a50d01093760c55b3beb90aa7f3c56ff9f5b60b6130af04f5449a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1::cdrgm-1668551574799-42377f32b8c5
age: 1836991
etag: W/"03d026fbc6d28522c0ff23ab50f3ba54"
x-vercel-cache: HIT
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="hama.ttf"

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 98ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2402892917838807&plah=kurdshield.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb303445044844bd7619966ed84061a9e0bc8ac96b55abca39a822cab0bba0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119618
x-xss-protection: 0
server: cafe
etag: 10506310641446058434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 22:32:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2E9D 10 KB
5 KB 65ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 18:34:01 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 18:34:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js
partner.googleadservices.com/gampad/ 395 B
698 B 75ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kurdshield.com&callback=_gfp_s_&client=ca-pub-2402892917838807&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2402892917838807&plah=kurdshield.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.de/adsid/ 107 B
792 B 77ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kurdshield.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
549 B 92ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kurdshield.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3D1F 603 B
68 B 83ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2402892917838807&output=html&adk=1812271804&adf=3025194257&lmt=1664715708&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkurdshield.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668551574842&bpp=2&bdt=917&idt=157&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=284239191211&frm=20&pv=2&ga_vid=505210778.1668551575&ga_sid=1668551575&ga_hid=1396363660&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777508%2C44770881%2C44769661&oid=2&pvsid=3781166436433492&tmod=175114788&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 22:32:55 GMT
expires: Tue, 15 Nov 2022 22:32:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
kurdshield.com/ 7 KB
3 KB 379ms
378ms Document
text/html 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/
Requested by: Host: xamxoran.xyz
URL: https://xamxoran.xyz/gamep.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 97709fcf52623c387fa437df7f270dbdaa00f7633f9a9362aaf4d1a98448035a

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 2407
content-type: text/html
date: Tue, 15 Nov 2022 22:32:55 GMT
last-modified: Sun, 02 Oct 2022 13:01:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H3 200 css2
fonts.sandbox.google.com/ 703 B
469 B 736ms
683ms Stylesheet
text/css 2a00:1450:4013:c01::451
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.sandbox.google.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c01::451 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c737c5e34dbf5cc01116815f51dcaba0235c81b3114abe3fdf3eb649a7531f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:56 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 76ms
53ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17353730
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA, cache-itm18849-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxXfSUJ9HLV%2Fae1UyIwv4koDieiQjpQZwYFN9wK%2FrShXLehEyjhLnd%2BE31JJc9JXblKRxbXN4wbz%2FmyincRU45Y%2BKwmmBhzquIDgyl7avFtUlIPZjTPlrp9CfKk2PvaIQBl8NuARCjI0ODlQ2oM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab7212789b9c01-FRA

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 97ms
74ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697072
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sNO2ET%2FzSNsVQmApS48ijNJiyaFYjfVgj2YKQQwUohLkVIE3VhBwcoH8qpyZk4K4XLijNo%2BiZdN9oGj6pbmD%2F%2BTx9elrSegnhX5jhnYaDn2fN5HFGhdbvWIrl2riQ%2Bsqjiz85S9rN05QpRxT2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab7212789f9c01-FRA

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ 18 KB
7 KB 97ms
75ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697070
x-jsd-version: 2.10.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19147-FRA, cache-hhn4025-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StXgjMu2wO1tLMBqi5v2I1AuBOSzJ7K4AigspdjjMgm4zspboLRiQqbkVZrBKqOqPAbYOm6mJ8F7ttgOzGeWD%2BGeCvMKRf8CgWSQn5Ds%2BAWUSyf3BrB3V3dImDmcfFfbNkGIK2hHphPELxQruPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab721278a09c01-FRA

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 58 KB
17 KB 98ms
75ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697070
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjEC3hMHCYyti7l6jvPC2lK515f7MBvQF9HAdmNEgUt0LbB8Y%2Fh3go32DwKZGueHdV75eT1nngz79M26ryTnhAJ%2FTsDx%2BFG53CT5uHoo3gClqHIObi6O%2B09d9PTLxVCz1MqOvLJ3Q95CFO5%2BrBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab721278a19c01-FRA

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
4 KB

27ms
27ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25454302
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT83NCPQWRF53R9GQQCMCD9K
server: cloudflare
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ab72128c9abc04-FRA

Redirect headers

date: Tue, 15 Nov 2022 22:32:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GHYPHMY6MRE0Y5ZSP6D8NNFE-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 242
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 76ab72125c55bc04-FRA

GET
H2 200 e1.css
kurdshield.com/assets/ 3 KB
1000 B 174ms
174ms Stylesheet
text/css 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/assets/e1.css
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: aa3fc7c30eab9ca680cfb99d561edc475a6a8fa656970bde73a03b14263ad608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 09:05:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 780
expires: Tue, 22 Nov 2022 22:32:55 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/ 141 KB
22 KB 54ms
32ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20697064
x-jsd-version: 4.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-hhn4026-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"235ed-iVElpFIqOxDuetoG7mUDWHy/lcU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgw%2B5lECU8Ynzi8cLg7gL7Z9THZyyxDGnvq9Mb%2BAjpj87y7VMIUYlNq09qR6OACtmMLM7gXqQGcBKxW%2FzAl8F8e9uy44YoMtdSIIwj59nTgJvNJDuySbAKhJcLu908lF2%2BWbAse8mjs%2Fn6oy%2BO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76ab721278a29c01-FRA

GET
H3 200 css2
fonts.googleapis.com/ 695 B
463 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b8bb85ac631944d93a68b4a5f18afb0e24a9c53837006dc179936badb03d026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:32:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 86ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f3d55ffc08a262e0098de188b88e0bd5190df34083437ec12091364f5c7cc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54967
x-xss-protection: 0
server: cafe
etag: 5918950470573400468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 22:32:56 GMT

GET
H2 200 icon.png
kurdshield.com/ 100 KB
100 KB 175ms
174ms Image
image/png 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kurdshield.com/icon.png
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6d12011f60958fc62f21ae2b61e4642c689d9a1be164f8fb8a8f7f9f5b4f8ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
last-modified: Mon, 29 Aug 2022 08:16:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 102262
expires: Tue, 22 Nov 2022 22:32:56 GMT

GET
H2 200 KurdShield.png
kurdshield.com/ 68 KB
68 KB 348ms
348ms Image
image/png 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kurdshield.com/KurdShield.png
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: a37d10ada27c0b463acbf92eae7be0cd063181d95b09c10c067589d7fa11828e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
last-modified: Mon, 19 Sep 2022 08:48:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69202
expires: Tue, 22 Nov 2022 22:32:56 GMT

GET
H2 200 ma.js Show response
kurdshield.com/assets/ 191 B
404 B 175ms
174ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurdshield.com/assets/ma.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 794e3c4afe9ca2e9fc20e18c835e5528b0801758f2ed2b84b319670aa7871907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
last-modified: Mon, 19 Sep 2022 08:40:54 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 191
expires: Tue, 22 Nov 2022 22:32:55 GMT

GET
H2 200 disableMouseRightClick.js Show response
xamxoran.xyz/ 289 B
502 B 173ms
173ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/disableMouseRightClick.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7de9a42c418580c57556d20e459e4c45829afb46a556addb70a884db74214fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:55 GMT
last-modified: Sun, 19 Jun 2022 18:51:50 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 289
expires: Tue, 22 Nov 2022 22:32:55 GMT

GET
H2 200 gamep.js Show response
xamxoran.xyz/ 15 KB
5 KB 181ms
180ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/gamep.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d69573a353925ca86b75fe0c07a04cb1d34cb743237bd3015262d9e08f2533e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
last-modified: Sun, 19 Jun 2022 18:51:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4561
expires: Tue, 22 Nov 2022 22:32:56 GMT

GET
H2 200 hhama.js Show response
xamxoran.xyz/ 4 KB
2 KB 174ms
173ms Script
application/javascript 162.0.215.15
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://xamxoran.xyz/hhama.js
Requested by: Host: kurdshield.com
URL: https://kurdshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium182-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: bec3ef9e60333db3469c9d65ee394ae2939eb3fa31b3e3a49cafe05f02f4f787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
last-modified: Sun, 19 Jun 2022 18:51:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1395
expires: Tue, 22 Nov 2022 22:32:56 GMT

GET
H3 200 css2
fonts.googleapis.com/ 1 KB
453 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo:wght@600&display=swap

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/assets/e1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36746aba591a5adf99393fa241096c3f4e6555b641d337c03a37f41b7f0bc451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 22:08:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 22:32:56 GMT

GET
H2 200 hama.ttf
shtakanm.vercel.app/ 320 KB
94 KB 24ms
24ms Font
font/ttf 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shtakanm.vercel.app/hama.ttf

Requested by

Host: kurdshield.com
URL: https://kurdshield.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.142 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5875e28b47a50d01093760c55b3beb90aa7f3c56ff9f5b60b6130af04f5449a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kurdshield.com/
Origin: https://kurdshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1::bwv6w-1668551576193-a2ece49ff3d1
age: 1836992
etag: W/"03d026fbc6d28522c0ff23ab50f3ba54"
x-vercel-cache: HIT
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="hama.ttf"

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2402892917838807&plah=kurdshield.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a745c486b7c564873d2423e094524d4a703b1e7e2a83143fb4abf9cc9244821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119613
x-xss-protection: 0
server: cafe
etag: 2964313174497287929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 22:32:56 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2A94 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2402892917838807

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 18:34:01 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 18:34:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
53 B 65ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kurdshield.com&callback=_gfp_s_&client=ca-pub-2402892917838807&cookie=ID%3D232bc795bda4b107-223b383fb6ce00a2%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MZfU7Ael_c7df-BTNoarkVvkfhDEQ&gpic=UID%3D00000b81bfa0d83d%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MYg4eHRjbr0n8v6R7u2WW4p9xnDdA&gpid_exp=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 73ms
31ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kurdshield.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 68ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kurdshield.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9239 603 B
69 B 44ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2402892917838807&output=html&adk=1812271804&adf=3025194257&lmt=1664715708&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkurdshield.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668551576270&bpp=2&bdt=862&idt=94&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D232bc795bda4b107-223b383fb6ce00a2%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MZfU7Ael_c7df-BTNoarkVvkfhDEQ&gpic=UID%3D00000b81bfa0d83d%3AT%3D1668551575%3ART%3D1668551575%3AS%3DALNI_MYg4eHRjbr0n8v6R7u2WW4p9xnDdA&nras=1&correlator=4292312638805&frm=20&pv=2&ga_vid=1726997637.1668551576&ga_sid=1668551576&ga_hid=8856738&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070763%2C44770881%2C44769662&oid=2&pvsid=3414153315612164&tmod=322928656&uas=0&nvt=2&ref=https%3A%2F%2Fkurdshield.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 22:32:56 GMT
expires: Tue, 15 Nov 2022 22:32:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 41ms
41ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a7a3d07386ac2f533295154a96ef28966914f0fb5165f53864fa5b3da7040a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11071
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 125ms
75ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 22:32:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 516C 13 KB
5 KB 63ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 20:21:01 GMT
expires: Wed, 15 Nov 2023 20:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB83 783 B
1 KB 74ms
29ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5e68f1a63d3cdb5ef266f2e58dc80199a41f00eacf83f8529c450c9f5444efa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EX9eD5xSSRjZRnFV_bH5dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kurdshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-EX9eD5xSSRjZRnFV_bH5dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 22:32:56 GMT
expires: Tue, 15 Nov 2022 22:32:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 516C 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 20:42:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BB83 0
0 53ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3414153315612164&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 516C 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g5AVzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:32:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3414153315612164&bg=!tLelt_PNAAbvMpMzzzI7ACkAdvg8Wl4AFI56cZM_UgWiJFfUqcdJ2_cPRZ36WXfMEeSpmoUDagvP8wIAAABuUgAAAARoAQcKAHHEuHJl1aSOCll54cSQx9vJEEJ2lE8yheCTuPO9OJgjCVoOBQPJnIEFkEl3_U6jt_X-XtYTtt-oC3bYAt-Fkp29FXCsrcH0zgNKRRePnAg4u7vyXW5OctrsDmKhjlpirPETfHSTdYMCp1NBHkM0xOjLApkCmkv6yN84GKNeTT2D-JoPd1DfzobrnoeVpBYCy-UAHQ3JzzB_Qt7P62cHtxVXde1kueB-b_J2L5-TTGMdrcqQx7KsPA6jWKMQQeV4ugU2TbzCNwYD2gDuqObdO_WSk2C-DHjaIAWdK1AmvSR1_eRD9bFC1P-KMxlzhltglV4oRD0CiaWns1BaB5bJMD7C94zG8Uq24KbS2T0bC7OhDqjkLPufL17IxNV4wuSeY5AT7xPK2xKrheHYq9UIVldTAyJePazAXBxmVAQG39981zDeRj5wZZUFkKdJf5yNIk__7XrbvnIPFDd2atznlv9Mc8SuF_vA-juGypzLNxOdYT4ivIlvMP0LZoLIfU752XcgHIrTiCz71T1wH7XXJAj_vm7D48Mv1QOp1D1O2k9eLcI9EuduqfjJQDOCqmA2WJv5USbH32pVdqn8S5Iu8XqK_9-lMFQBeV57X7N_iHbtCCzSJePgek7YgTECY9RdNqDZ1vAw3Oj6mdmqWbFEWPS02exJHtJIrvlyQBDPBlrFcpKo7wYuff5gpTEc6g5pzPnrmaAesTzkB27-vCUR0Qt8fVgYVauznUoVZ0kWDTrNP00Ta_N9R-FmNB3tk5z8kVly7DoUnHSsxcocMJucs_sqrWtWGd_5oYYGF5Q2f0FR5p7lzQU3eQyuPAHk4IPvF76C6kz5FsqJgMgGCS4vAtdMpW6Us3Q5nXYovvflyRtMKScsR25P_KAX7OPDR-i_PjRAXDsvkzPf0huAVZWBcu5Uut578BvJ6ihCgZcKz-K6KhRf2afXTuEGeHoIDuVUZ0ngrv4-9UTP3U5lWUuYo1PcaxfEfUowlJxk3mc0pbiclWcy4p6Uipa-AJqNH94iNyZ4-7ynTDsbier--7ZHgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kurdshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kurdshield.com/	1970-01-20 17:05:11	Name: __utmq Value: 1
.kurdshield.com/	1970-01-20 16:50:47	Name: __gads Value: ID=232bc795bda4b107-223b383fb6ce00a2:T=1668551575:RT=1668551575:S=ALNI_MZfU7Ael_c7df-BTNoarkVvkfhDEQ
.kurdshield.com/	1970-01-20 16:50:47	Name: __gpi Value: UID=00000b81bfa0d83d:T=1668551575:RT=1668551575:S=ALNI_MYg4eHRjbr0n8v6R7u2WW4p9xnDdA
.doubleclick.net/	1970-01-20 16:50:47	Name: IDE Value: AHWqTUkHckdV7pjdFOwxDG5niU97nsJEQQJhtFX9uBV8xqxf8CHqBUl_MrQxK8_wVn4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
fonts.googleapis.com
fonts.sandbox.google.com
googleads.g.doubleclick.net
kurdshield.com
pagead2.googlesyndication.com
partner.googleadservices.com
shtakanm.vercel.app
tpc.googlesyndication.com
unpkg.com
www.google.com
xamxoran.xyz
162.0.215.15
2606:4700::6810:5914
2606:4700::6810:7baf
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4013:c01::451
76.76.21.142
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
36746aba591a5adf99393fa241096c3f4e6555b641d337c03a37f41b7f0bc451
392076ae65b15a31ac20c0479ccfb3ca795e22b2a6f993e366c5604ab19bd0a8
4bb303445044844bd7619966ed84061a9e0bc8ac96b55abca39a822cab0bba0d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5875e28b47a50d01093760c55b3beb90aa7f3c56ff9f5b60b6130af04f5449a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b8bb85ac631944d93a68b4a5f18afb0e24a9c53837006dc179936badb03d026
6d12011f60958fc62f21ae2b61e4642c689d9a1be164f8fb8a8f7f9f5b4f8ad2
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
794e3c4afe9ca2e9fc20e18c835e5528b0801758f2ed2b84b319670aa7871907
7a745c486b7c564873d2423e094524d4a703b1e7e2a83143fb4abf9cc9244821
7de9a42c418580c57556d20e459e4c45829afb46a556addb70a884db74214fa9
7f3d55ffc08a262e0098de188b88e0bd5190df34083437ec12091364f5c7cc3b
97709fcf52623c387fa437df7f270dbdaa00f7633f9a9362aaf4d1a98448035a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a37d10ada27c0b463acbf92eae7be0cd063181d95b09c10c067589d7fa11828e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3fc7c30eab9ca680cfb99d561edc475a6a8fa656970bde73a03b14263ad608
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
bec3ef9e60333db3469c9d65ee394ae2939eb3fa31b3e3a49cafe05f02f4f787
c1a7a3d07386ac2f533295154a96ef28966914f0fb5165f53864fa5b3da7040a
c737c5e34dbf5cc01116815f51dcaba0235c81b3114abe3fdf3eb649a7531f71
d69573a353925ca86b75fe0c07a04cb1d34cb743237bd3015262d9e08f2533e1
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e68f1a63d3cdb5ef266f2e58dc80199a41f00eacf83f8529c450c9f5444efa
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

kurdshield.com Open in urlscan Pro 162.0.215.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

83 %IPv6

11 Domains

14 Subdomains

12 IPs

3 Countries

1040 kBTransfer

3033 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kurdshield.com Open in urlscan Pro
162.0.215.15 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

83 %
IPv6

11
Domains

14
Subdomains

12
IPs

3
Countries

1040 kB
Transfer

3033 kB
Size

4
Cookies

58 HTTP transactions
0 data transactions