URL: https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php...
Submission: On October 13 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 45.132.151.12, located in Moscow, Russian Federation and belongs to ICEWOOD, RU. The main domain is kinostream.media. The Cisco Umbrella rank of the primary domain is 89166.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 5th 2022. Valid for: a year.
This is the only time kinostream.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | adstreamer.ru | svr.adstreamer.ru (Cisco Umbrella Rank: 90014), s.adstreamer.ru (Cisco Umbrella Rank: 97095), s3.adstreamer.ru (Cisco Umbrella Rank: 106640) | 3 KB
4 | utraff.com | utraff.com (Cisco Umbrella Rank: 33809), a.utraff.com | 45 KB
4 | googleapis.com | imasdk.googleapis.com (Cisco Umbrella Rank: 498) | 713 KB
4 | kinostream.media | kinostream.media (Cisco Umbrella Rank: 89166) | 150 KB
3 | gstatic.com | csi.gstatic.com | 333 B
3 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 108), tpc.googlesyndication.com (Cisco Umbrella Rank: 157) | 46 KB
2 | 2mdn.net | s0.2mdn.net (Cisco Umbrella Rank: 344) | 16 KB
1 | mail.ru | ad.mail.ru (Cisco Umbrella Rank: 9438) | 416 B
Total: 26 requests, 8 domains

Requests | Domain | Requested by
4 | imasdk.googleapis.com | kinostream.media, imasdk.googleapis.com
4 | kinostream.media | kinostream.media
3 | csi.gstatic.com | imasdk.googleapis.com
2 | a.utraff.com | utraff.com
2 | utraff.com | kinostream.media, tpc.googlesyndication.com
2 | pagead2.googlesyndication.com | imasdk.googleapis.com
2 | s0.2mdn.net | imasdk.googleapis.com
2 | s3.adstreamer.ru | kinostream.media
2 | s.adstreamer.ru | kinostream.media
1 | tpc.googlesyndication.com | imasdk.googleapis.com
1 | ad.mail.ru | kinostream.media
1 | svr.adstreamer.ru | kinostream.media
Total: 26 requests, 12 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
kinostream.media | AlphaSSL CA - SHA256 - G2 | 2022-10-05 - 2023-11-06 | a year
svr.adstreamer.ru | R3 | 2023-08-17 - 2023-11-15 | 3 months
s.adstreamer.ru | R3 | 2023-08-15 - 2023-11-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
s3.adstreamer.ru | R3 | 2023-08-17 - 2023-11-15 | 3 months
*.mail.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-11-19 | a year
*.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
utraff.com | GTS CA 1P5 | 2023-10-12 - 2024-01-10 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 8 frames:

Primary Page: https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
Frame ID: 7F4B908E145A6915D41F48043070F3CE
Requests: 6 HTTP requests in this frame

Frame: https://kinostream.media/test/vp.k.v3.9.5.js
Frame ID: 3F5E3F0B8A4A483A316E0E9604F2C00D
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 0EA38BBDE8D9A05F992EF8BB3106158B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CB4D713825EF4DA1B40C98CA2E2A3CA9
Requests: 1 HTTP requests in this frame

Frame: https://kinostream.media/test/vp.k.v3.9.5.js
Frame ID: 72D22C6B1DE789DA6377752EC44BA8DF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 8CD87A854E23AA417A71A60BFB63EE6A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A2EC28A4145EE13508D7FF963E35AAB6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?//utraff.com/vpaidp/bundle.bc6d6461.js
Frame ID: 3FD46DC3C0D3FB30A982C1C30196FD96
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 67 %
Domains: 8
Subdomains: 12
IPs: 13
Countries: 3
Transfer: 973 kB
Size: 2965 kB
Cookies: 0

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request embed_a.html
kinostream.media/player/embeds/
2 KB
1 KB
Document
General
Full URL
https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.132.151.12 Moscow, Russian Federation, ASN201119 (ICEWOOD, RU),
Reverse DNS
Software
nginx /
Resource Hash
fee043586d9db27f734ab0ebf99e4b271e620034cf10d0d1df5f2ad90bf42d7e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 13 Oct 2023 21:32:15 GMT
ETag
W/"60b666cc-985"
Last-Modified
Tue, 01 Jun 2021 16:56:44 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
videojs.min.js
kinostream.media/player/
375 KB
109 KB
Script
General
Full URL
https://kinostream.media/player/videojs.min.js
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.132.151.12 Moscow, Russian Federation, ASN201119 (ICEWOOD, RU),
Reverse DNS
Software
nginx /
Resource Hash
f173a1c6a16e1d2f15d8082182a779ce5ac1dcfeae883304c5ce3d497fe2e194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jul 2022 19:44:43 GMT
Server
nginx
ETag
W/"62dc4fab-5dc6f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
1381
svr.adstreamer.ru/vpaidsources.php/
2 KB
553 B
XHR
General
Full URL
https://svr.adstreamer.ru/vpaidsources.php/1381
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/videojs.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.107.86.116 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
b32adb5af1ebc9dbd1a2ea037b6793824671553648b85b887f8efd734ca42f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:06 GMT
content-encoding
gzip
server
nginx/1.23.3
vary
Accept-Encoding, Origin
x-cache
hit
content-type
application/xml
access-control-allow-origin
https://kinostream.media
access-control-allow-credentials
true
link.php
s.adstreamer.ru/
982 B
897 B
XHR
General
Full URL
https://s.adstreamer.ru/link.php?link_id=37619
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/videojs.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.107.86.117 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
dd9f41d4ed85fa62cdc63576ff40c19a9e3ceb40cfca69388b2de00f67fddf3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:06 GMT
Content-Encoding
gzip
Server
nginx/1.23.3
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://kinostream.media
X-Cache
hit
Access-Control-Allow-Credentials
true
Connection
keep-alive
vp.k.v3.9.5.js
kinostream.media/test/ Frame 3F5E
46 KB
20 KB
Script
General
Full URL
https://kinostream.media/test/vp.k.v3.9.5.js
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/videojs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.132.151.12 Moscow, Russian Federation, ASN201119 (ICEWOOD, RU),
Reverse DNS
Software
nginx /
Resource Hash
6afe7bb0a5538edd043c4353b4e77cd01f92e266603aef0ad23a211dff4d9f10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 07:05:40 GMT
Server
nginx
ETag
W/"64ba2e44-b6d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3F5E
361 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Fri, 13 Oct 2023 21:32:06 GMT
referer.php
s3.adstreamer.ru/ Frame 3F5E
60 B
354 B
XHR
General
Full URL
https://s3.adstreamer.ru/referer.php?domain_id=1381&pu=1&source_id=192&url=https%3A%2F%2Fad.mail.ru%2Fvast%2F391195%3Fcontent_id%3D1381%26dl%3D%257Bkn_url%257D&url_ref=https://kinostream.media
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.107.86.118 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
2b985157ffa8500e43401a66b3faa6b319f93a2e540da6f72e011bfc65cf76b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:07 GMT
Server
nginx/1.23.3
Vary
Origin
X-Cache
unreachable
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://kinostream.media
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
391195
ad.mail.ru/vast/ Frame 3F5E
59 B
416 B
XHR
General
Full URL
https://ad.mail.ru/vast/391195?content_id=1381&dl=https%3A%2F%2Fkinostream.media
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://kinostream.media
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 0EA3
726 KB
233 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kinostream.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
351730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:57 GMT
expires
Tue, 08 Oct 2024 19:49:57 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3F5E
6 KB
0
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 21:32:07 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CB4D
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 13 Oct 2023 22:16:40 GMT
link.php
s.adstreamer.ru/
1004 B
921 B
XHR
General
Full URL
https://s.adstreamer.ru/link.php?link_id=38903
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/videojs.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.107.86.117 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
f1210f8a875d4ea622cd991131e06fbe7d932dd574ea70fa58e63b9ac13ad353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:07 GMT
Content-Encoding
gzip
Server
nginx/1.23.3
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://kinostream.media
X-Cache
hit
Access-Control-Allow-Credentials
true
Connection
keep-alive
vp.k.v3.9.5.js
kinostream.media/test/ Frame 72D2
46 KB
20 KB
Script
General
Full URL
https://kinostream.media/test/vp.k.v3.9.5.js
Requested by
Host: kinostream.media
URL: https://kinostream.media/player/videojs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.132.151.12 Moscow, Russian Federation, ASN201119 (ICEWOOD, RU),
Reverse DNS
Software
nginx /
Resource Hash
6afe7bb0a5538edd043c4353b4e77cd01f92e266603aef0ad23a211dff4d9f10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/player/embeds/embed_a.html?domain_id=1381&tag=https%3a%2f%2fsvr.adstreamer.ru%2fvpaidsources.php%2f1381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 07:05:40 GMT
Server
nginx
ETag
W/"64ba2e44-b6d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 72D2
361 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Fri, 13 Oct 2023 21:32:08 GMT
referer.php
s3.adstreamer.ru/ Frame 72D2
74 B
368 B
XHR
General
Full URL
https://s3.adstreamer.ru/referer.php?domain_id=1381&pu=1&source_id=324136&url=https%3A%2F%2Futraff.com%2Fvpaid%2FVopj3N8EhHDJBzxO8ZSeakFYrm5ghQwtYkERGSngYrg.xml&wdp=2&wdp2=100&url_ref=https://kinostream.media
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.107.86.118 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
ae9a0da1fd6b7feba852135020d87b6b06159c89c8d8ddf9fec76a27ed6675e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 21:32:08 GMT
Server
nginx/1.23.3
Vary
Origin
X-Cache
unreachable
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://kinostream.media
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
74
Vopj3N8EhHDJBzxO8ZSeakFYrm5ghQwtYkERGSngYrg.xml
utraff.com/vpaid/ Frame 72D2
1023 B
1 KB
XHR
General
Full URL
https://utraff.com/vpaid/Vopj3N8EhHDJBzxO8ZSeakFYrm5ghQwtYkERGSngYrg.xml
Requested by
Host: kinostream.media
URL: https://kinostream.media/test/vp.k.v3.9.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838c24c2bd093a0558adafb48d04b6c9ff3efcd915bceba74b11193b7433859d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Oct 2023 13:56:08 GMT
server
cloudflare
etag
W/"651d6ef8-3ff"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://kinostream.media
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYqeJTCHkb5P95howW2kFzGxtDNv5F8PdtpCiLcxmsWHCk9d5JMvm7Lxj8obMEV5UKX4zNqYzBIbE4Wid02DmV87zaA3N3oma0mJVRlZaQnIUcH3gCKulboyXWIquKXa%2Fbi8qPuH6Rnd"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
815ab1881adb5c26-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 8CD8
726 KB
233 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kinostream.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
351731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:57 GMT
expires
Tue, 08 Oct 2024 19:49:57 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 72D2
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinostream.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 21:32:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A2EC
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 13 Oct 2023 22:16:40 GMT
csi
csi.gstatic.com/ Frame 8CD8
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnp4jmpv&c=1523590533413&slotId=761795266706.5&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 21:32:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8CD8
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnp4jmqe&c=1523590533413&slotId=761795266706.5&fb=ima_html5-lima&sdkv=h.3.595.0&mrd=4&aab=0&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44803783
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 21:32:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame 3FD4
52 KB
18 KB
Document
General
Full URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?//utraff.com/vpaidp/bundle.bc6d6461.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
18189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 13:52:47 GMT
etag
7287664291636797308
expires
Sat, 14 Oct 2023 13:52:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bundle.bc6d6461.js
utraff.com/vpaidp/ Frame 3FD4
136 KB
43 KB
Script
General
Full URL
https://utraff.com/vpaidp/bundle.bc6d6461.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?//utraff.com/vpaidp/bundle.bc6d6461.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e67b5bd546269cc9d5d585af5bf2bfa82f2994c6ca995bf19934000a7e0299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:32:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5850
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 06 Oct 2023 10:13:57 GMT
server
cloudflare
etag
W/"651fdde5-22169"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beN7iOpldQJp244DlZhFGoMPvvzqY8hqyLfU46RjNkGBN7ckIx02ufu7saVNpHc3auw79S5TqDJH3KzDc0xuJGbKNC3rcmLD3TI6P2U8o75Z3KdHvs1B4CiZByjsQ%2FF22MPDR6ewb4on"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
815ab18d8f665c26-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ctx
a.utraff.com/ Frame 3FD4
0
598 B
XHR
General
Full URL
https://a.utraff.com/ctx?vid=Vopj3N8EhHDJBzxO8ZSeakFYrm5ghQwtYkERGSngYrg&origin=https%3A%2F%2Fkinostream.media&origins=https%3A%2F%2Fkinostream.media*https%3A%2F%2Fkinostream.media*https%3A%2F%2Fimasdk.googleapis.com&width=1600&height=1200&v=1.0.6&h=tpc.googlesyndication.com
Requested by
Host: utraff.com
URL: https://utraff.com/vpaidp/bundle.bc6d6461.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/json; charset=utf-8

Response headers

date
Fri, 13 Oct 2023 21:32:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://tpc.googlesyndication.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4qTpF88sKsALorFkrhpMZQiMMM9ULXoHcl5JA9e48EiJOemURTRrLKsDuRHoXWknT9JWNPOB28STi%2FqE5pz5wNUHa0y%2B6E9XhMZKW40uqvwsbO7ys%2FD1VvBUOIPBVKpokVqT%2FQ1bzkboYk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
x-error
geo mismatch
cf-ray
815ab1914fcd5d4a-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc
h3=":443"; ma=86400
ctx
a.utraff.com/ Frame
0
0
Preflight
General
Full URL
https://a.utraff.com/ctx?vid=Vopj3N8EhHDJBzxO8ZSeakFYrm5ghQwtYkERGSngYrg&origin=https%3A%2F%2Fkinostream.media&origins=https%3A%2F%2Fkinostream.media*https%3A%2F%2Fkinostream.media*https%3A%2F%2Fimasdk.googleapis.com&width=1600&height=1200&v=1.0.6&h=tpc.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:d6e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tpc.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,cf-ipcountry
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://tpc.googlesyndication.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
815ab190ec82bb62-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 13 Oct 2023 21:32:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJJNKTWfiBrruj2JaUEVuPtQ4ehbHOSA%2Fr0mbaGBpcYWerWQlEiLuz6KGv%2FK66IIbBpczfiD5JgYvAAjvyBmleBIz5D6bq5va6STK45lwzA4mM7RVqYaMrMsX4I4jLUGAKLThrPNCGZCJuY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
csi
csi.gstatic.com/ Frame 8CD8
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lnp4jmql&c=1523590533413&slotId=761795266706.5&fb=ima_html5-lima&sdkv=h.3.595.0&mrd=4&aab=0&itv=1&ua_e=1&htp=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 21:32:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| videojs
object| videojssglobal
string| videojssglobalid
function| getURLParameter
string| tagURL
string| param_domain_id
object| options
number| google_global_correlator
object| closure_lm_85106

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
