play.universalplus.com Open in urlscan Pro
2606:4700:3030::6815:5cb0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Submission: On December 28 via manual (December 28th 2021, 9:31:51 pm UTC) from AR — Scanned from DE

Summary HTTP 76 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3030::6815:5cb0, located in United States and belongs to CLOUDFLARENET, US. The main domain is play.universalplus.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 22nd 2021. Valid for: a year.

This is the only time play.universalplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3030::6815:5cb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
9	104.18.11.69 104.18.11.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	104.18.10.69 104.18.10.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	104.18.31.84 104.18.31.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
76	14

12 2606:4700:3030::6815:5cb0 (United States)

ASN13335 (CLOUDFLARENET, US)

play.universalplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.11.69 (None, )

ASN13335 (CLOUDFLARENET, US)

experience-cdn.tbxnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sp.tbxnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.18.10.69 (None, )

ASN13335 (CLOUDFLARENET, US)

experience-universalplus.tbxnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sp.tbxnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.31.84 (None, )

ASN13335 (CLOUDFLARENET, US)

unity.tbxapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	tbxnet.com experience-cdn.tbxnet.com experience-universalplus.tbxnet.com sp.tbxnet.com	1 MB
12	universalplus.com play.universalplus.com	86 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	184 KB
8	tbxapis.com unity.tbxapis.com	10 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	149 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	126 KB
2	google.com adservice.google.com www.google.com	2 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	448 B
76	11

	Domain	Requested by
20	sp.tbxnet.com	experience-cdn.tbxnet.com
12	play.universalplus.com	experience-cdn.tbxnet.com
8	unity.tbxapis.com	experience-cdn.tbxnet.com
8	pagead2.googlesyndication.com	play.universalplus.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	experience-cdn.tbxnet.com	play.universalplus.com experience-cdn.tbxnet.com
3	securepubads.g.doubleclick.net	play.universalplus.com securepubads.g.doubleclick.net
3	experience-universalplus.tbxnet.com	play.universalplus.com experience-universalplus.tbxnet.com
3	fonts.googleapis.com	play.universalplus.com experience-universalplus.tbxnet.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	imasdk.googleapis.com	experience-cdn.tbxnet.com
1	www.google-analytics.com	experience-cdn.tbxnet.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
76	17

This site contains links to these domains. Also see Links.

Domain
www.nbcuniversal.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-22` - `2022-11-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Frame ID: 4C3EE461A1D76EEE12C5E6286B998F1F
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 9641583C9A73CEAF76CAEAD456B25D35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2374064157978519&output=html&adk=1812271804&adf=3025194257&lmt=1640706290&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay.universalplus.com%2Far%2Fplayer%2Fserie%2Fla-brea%2Fpiloto_rayg1g%3FpreviousSection%3D%2Far%2Fserie%2Fla-brea_u31cv9&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640727106266&bpp=3&bdt=1042&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=62769686262&frm=20&pv=2&ga_vid=1987320745.1640727106&ga_sid=1640727106&ga_hid=127076604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44753656&oid=2&pvsid=2917805008059295&pem=333&tmod=418&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=103
Frame ID: AEB9B8DF95CCD084BF8291186C7D8A38
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 98F4AB561111ED5EAF7A33A7F1D16AE8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 005DABFC88465416F2C88EF5DEBB22C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Universal Plus

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

2028 kB
Transfer

7386 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nbcuniversal.com/terms
Title: Términos de Servicio

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy-policies/privacy-latinamerica
Title: Política de Privacidad

Search URL Search Domain Scan URL

URL: https://www.facebook.com/universalplus

Search URL Search Domain Scan URL

URL: https://twitter.com/universalplus

Search URL Search Domain Scan URL

URL: https://www.instagram.com/universalplus/?hl=es-la

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request piloto_rayg1g Show response
play.universalplus.com/ar/player/serie/la-brea/ 4 KB
2 KB 376ms
305ms Document
text/html 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Dec 2021 21:31:45 GMT
content-type: text/html
last-modified: Tue, 28 Dec 2021 15:44:50 GMT
expires: Wed, 29 Dec 2021 21:31:45 GMT
cache-control: max-age=86400 public
pragma: public
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifvM4DkS4NXS41DdPFSrvmnrGStpxdAPvMxaCwyRkS%2BBG83YoZkEJ7unRJvAFbv%2FihjqsItz7wHJHB2V1LP8Drbcpyjb973CXLjvfChuJxsIXZdnCKGQWfjhnS48%2Bh8w4XC0tpFpWYwZQ%2BssF7cuMbELHyLM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c4de5b5c89c59d1-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 20:15:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 21:31:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 21:31:45 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 21:31:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 21:31:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 21:31:45 GMT

GET
H2 200 vendors-bundle.css
experience-cdn.tbxnet.com/v1.8.33/css/ 0
398 B 290ms
257ms Stylesheet
text/css 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/v1.8.33/css/vendors-bundle.css
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:45 GMT
cf-cache-status: MISS
content-length: 0
last-modified: Tue, 28 Dec 2021 15:19:28 GMT
server: cloudflare
etag: "61cb2b00-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6c4de5b80e015b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 21:31:45 GMT

GET
H2 200 bundle.20211228_154414.css
experience-universalplus.tbxnet.com/css/ 822 KB
101 KB 743ms
705ms Stylesheet
text/css 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-universalplus.tbxnet.com/css/bundle.20211228_154414.css?_v=1.5.80
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 023a0e61c636d140e4ee30a4c806e0134574ba8e90876d191c873351122d72fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 15:44:17 GMT
server: cloudflare
etag: W/"61cb30d1-cd61c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
cf-ray: 6c4de5b80dc47033-FRA
expires: Wed, 29 Dec 2021 21:31:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce150a79f0843db4222b22c3422ed2b07416cbaca8cf24e0c2007f1a1ccd3b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51738
x-xss-protection: 0
server: cafe
etag: 7621140192649601139
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 88ms
38ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1085 / 550 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H2 200 logo.png
experience-universalplus.tbxnet.com/images/ 48 KB
48 KB 492ms
492ms Image
image/png 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://experience-universalplus.tbxnet.com/images/logo.png?_v=20211228_154414
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98ca259dd291f9ec977731b8ec78e05fd08c5d703799c5f7a4c11739e736d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:46 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5bdab527033-FRA
content-length: 49315
expires: Wed, 29 Dec 2021 21:31:46 GMT

GET
H2 200 jquery-1.12.3.min.js Show response
experience-cdn.tbxnet.com/libs/ 95 KB
33 KB 582ms
541ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/libs/jquery-1.12.3.min.js
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Request headers

Referer: https://play.universalplus.com/
Origin: https://play.universalplus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 01 Oct 2021 20:27:59 GMT
server: cloudflare
etag: W/"61576f4f-17b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5b9ebc83bda-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 21:31:45 GMT

GET
H2 200 bootstrap-3.3.6.min.js Show response
experience-cdn.tbxnet.com/libs/ 36 KB
10 KB 411ms
411ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/libs/bootstrap-3.3.6.min.js
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer: https://play.universalplus.com/
Origin: https://play.universalplus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 20:27:59 GMT
server: cloudflare
etag: W/"61576f4f-9004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5bd5d963bda-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 21:31:46 GMT

GET
H2 200 vendors-bundle.js Show response
experience-cdn.tbxnet.com/v1.8.33/ 1 MB
432 KB 610ms
610ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/v1.8.33/vendors-bundle.js
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d295275b6448e0dad563e07a2842d12f23fae0a844b23fa4d4c7da40f8e6876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 15:19:28 GMT
server: cloudflare
etag: W/"61cb2b00-16bc88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5bd7fdd5b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 21:31:46 GMT

GET
H2 200 bundle.js Show response
experience-cdn.tbxnet.com/v1.8.33/ 2 MB
393 KB 640ms
639ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Requested by: Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cb7fb2f7e8028404ccb09c361667ab1ad95dfda28c1cecc123144f13690721

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 15:19:28 GMT
server: cloudflare
etag: W/"61cb2b00-1f749d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5bda85e5b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 21:31:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
718 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400

Requested by

Host: experience-universalplus.tbxnet.com
URL: https://experience-universalplus.tbxnet.com/css/bundle.20211228_154414.css?_v=1.5.80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://experience-universalplus.tbxnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 21:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 21:31:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2374064157978519&plah=play.universalplus.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 9641 11 KB
5 KB 46ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 18:36:45 GMT
expires: Tue, 11 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 10501
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 38ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 99 B
116 B 30ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=play.universalplus.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1c2618227b732a21254e92b12b3cbe5957e542cbb8e323dd4513a9f457ece571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Tue, 28 Dec 2021 21:31:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
448 B 30ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=play.universalplus.com&callback=_gfp_s_&client=ca-pub-2374064157978519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2374064157978519&plah=play.universalplus.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

40d467676501cf5145feb85de1be0ed00f0e65804375de508dce17ee2f30eed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=play.universalplus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.universalplus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fplay.universalplus.com%2Far%2Fplayer%2Fserie%2Fla-brea%2Fpiloto_rayg1g%3FpreviousSection%3D%2Far%2Fserie%2Fla-brea_u31cv9&tn=DIV&cls=loader-container&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 21:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: play.universalplus.com
URL: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 21:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEB9 603 B
67 B 54ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2374064157978519&output=html&adk=1812271804&adf=3025194257&lmt=1640706290&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay.universalplus.com%2Far%2Fplayer%2Fserie%2Fla-brea%2Fpiloto_rayg1g%3FpreviousSection%3D%2Far%2Fserie%2Fla-brea_u31cv9&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640727106266&bpp=3&bdt=1042&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=62769686262&frm=20&pv=2&ga_vid=1987320745.1640727106&ga_sid=1640727106&ga_hid=127076604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44753656&oid=2&pvsid=2917805008059295&pem=333&tmod=418&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 21:31:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.universalplus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 06:37:09 GMT
x-content-type-options: nosniff
age: 399278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 06:37:09 GMT

GET
H3 200 es.json Show response
play.universalplus.com/language/ 19 KB
7 KB 296ms
264ms Fetch
application/json 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.universalplus.com/language/es.json?v=1.5.80
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4168f93a7641b0977e06d122d955404a818aaa0f08537857a8eb9fcca34b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: W/"61cb30cf-4b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP7B2bf0lbhORGeFtDEtoHhFDnkjsBScPA0BDVs%2FPXOVE5yc81jNtBLZ4OiI5mSmyz26jd36wsbhf%2Frl1jPlUQgowfTis9w6yPklOEVnYb4VRT5NLKmd1keq0MXcBgCgdYR%2BIsFRfGrIuh6P0XAYSkL53Vxx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=86400, public
cf-ray: 6c4de5c599c63762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Dec 2021 21:31:47 GMT

GET
H3 200 config.json Show response
play.universalplus.com/ 715 B
906 B 299ms
268ms Fetch
application/json 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.universalplus.com/config.json
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5108e3751f1e5e8ea4db6981db87b5a4d2ebda834610b28b5cb6f867ef8bd00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: W/"61cb30cf-2cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZJTroFTWlYtR%2FoP%2BfnUiTw2HYP6z8BaxLC5QSmQZOOpU2HQTYgVJGo92m1heUAX8w6UVwN0whpBrnlhm6Ap9RI6V0vm2lVggBjyK8%2ByPFEr%2BnDEnRgUmsb8%2BigupRbINO6585gNdDmq6tyhHeyZ9l%2Fp3Crz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=86400, public
cf-ray: 6c4de5c599c83762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Dec 2021 21:31:47 GMT

POST
H2 200 bootstrap Show response
unity.tbxapis.com/v0/webapi/ 9 KB
4 KB 375ms
357ms Fetch
application/json 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/bootstrap?_c=1640727107416
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f81f4e7d56bcc1223e7082d70552809f0ac9d4578024aae1b1ed8a3c4f0ae3

Request headers

Accept: application/json
Referer: https://play.universalplus.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2508-UZuZSI4mQEo7BGU9P/D3VdvYm1M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://play.universalplus.com
access-control-allow-credentials: true
cf-ray: 6c4de5c7fdd8692e-FRA

OPTIONS
H2 204 bootstrap
unity.tbxapis.com/v0/webapi/ Frame 0
0 393ms
340ms Preflight 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/bootstrap?_c=1640727107416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.universalplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 21:31:47 GMT
access-control-allow-origin: https://play.universalplus.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4de5c5bda53a29-CDG

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b7430dc46e431ddabf8778e1ccf3bb53925c49b21c228d34a6387fe7e28933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 21:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8596
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 21:31:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 98F4 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 28 Dec 2021 21:24:35 GMT
expires: Wed, 28 Dec 2022 21:24:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 005D 783 B
1 KB 41ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2108e665ae1123c5ef064b5e87f6107f8aeca2475e1e3f6b59e1cea0d249c4c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hPlDVYthzCS7w41UItHczA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Dec 2021 21:31:47 GMT
date: Tue, 28 Dec 2021 21:31:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hPlDVYthzCS7w41UItHczA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 98F4 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 11:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 11:28:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 005D 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2917805008059295&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2917805008059295&bg=!UFOlUxfNAAZKWFskSlg7ACkAdvg8WrTXjc0jBbLn__Yzp9VMfQrukMqDACwC5dHwMLHCE-Ib7Iqc_wIAAABMUgAAAAtoAQcKAJqZ3nw4zcea3rOaPC581cqMQkY5Zyrf1CItCi_HttUTgwiGeVhiddTa4ZyfPZLMA4KGpKnZn1yC-VOdPR9GqkeVoZcg0N2Gx9XIuubAH-r0NWyae6DqFbAup5BUztpSM5mcMntClFzmypp8DLxojpk9-wjJ_ScguAaDE-jkSBnulHJLhv7Uf9u2hKhbCFsvPXYMxfuoFTVJ6nqKmQLdSnLAsnZwp8iYfjJ2NkZ5BSdJwDE8GONjaujtYNGPVkWlTUwdRZcbKfFvziWmDfNx1DcJ6uwamh95u7hbL9SPO2g0CP371nbVVwuKdOIFciIreOCbPpDxzQH0VNEWOIhUZ0Nz8D3MfiXQMj-6FyAA7G-baj9iYqfeNxlgE4vtgyimvRiq6v-b5w198bCUAXxNUcuQt1hR_3o_VHAwfEoTvDTy5kycf-N-vMToNnD7fJ1uaj1lWInqIw-PmQ6MiVe3j53ma6bcYSUAPiuUU8gb6Ck7zNfLSBrSaTZcB7_5HaPICEkKyjLpb-q1tLCiRQz9n_s77_5KCigqKxYceRL0za8vpArIlixNrYhcCUm4JUeuW7iSCRV4DZF0z5GZ6hZHIoX30v5fYDbKjPiXXbQJSpSHbyOwSMQ1EfGd4UrFsUzI7wHzMKuUkEiNVmOIMBj6iCvhbpWcJ6-qs48973Uf295xo5OkRGFuntYjsFjvd56_PjLDhUcH3oTWVA_Eou8toMdBSJmN-vwX81Gjf1SW48oAMjKHb5-eeaBjZchNBHTzYNyAFOn5hPwGENHFCYEJge8EVfrsijbsEidUKU7SGI6ABbW0Ol51bH4JR7msDdicDy32pomcyuvKI21J3jbv15p22w4u5OGwpFIpTghaPFF2ftTFQzfu8nViSM3QLJe3ColUgQCdhfWQ-tRh_UceAoX9imVE6iE3hEqNLo8TKP4f0sEsWkfWPTZbsbN2pV6e8SaTSsAoMMqG6lfMSbqVpV39yYdobuYk9hckx0c3q1CIvj0VuEtbYg_D0aCpnfQf40H8UC4wKndAs9DULubHZpWHaYfTuufVtE14zOhuEgJGkSzwstuxT6jCgnHT8k1y62avfYQOR2_d52Ye9x1CxHoOYKuHGDKeN5vUmqZKnJIvTGwgSRT73HROmFGVKY8DydLaPXSqGjlCfVK0HEpaXkk5ZO0W2M8GbmJZYg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 21:31:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/vendors-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1842
date: Tue, 28 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Dec 2021 23:01:06 GMT

GET
H3 200 es.json Show response
play.universalplus.com/language/ 19 KB
7 KB 177ms
176ms Fetch
application/json 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.universalplus.com/language/es.json?v=1.5.80
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4168f93a7641b0977e06d122d955404a818aaa0f08537857a8eb9fcca34b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: W/"61cb30cf-4b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E55GX%2FZbL1Aan6A%2Fb4SgDpJfulDlibXEeoTrjztQzFAwHatLShLxR%2BYXZMAL3Tl8aAmsNnsQraXzG34lh39Gia0r8y8ItrSVOdaBdOwrFy4LqYKvABZSETI%2FVYwa6vSk9cLgifyubly1hp1asWVb%2FqDUilh4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=86400, public
cf-ray: 6c4de5ca4c993762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H2 200 mso.json Show response
sp.tbxnet.com/v2/auth/nbcu/ 8 KB
831 B 303ms
285ms Fetch
application/json 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.tbxnet.com/v2/auth/nbcu/mso.json
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61aa08d2bb1f220493caf9f0dfc5f258333161363e952590191e7976fa4bf4a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"1efe-jISORRZR28wwyfXIPmtnSOwKrk0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://play.universalplus.com
cache-control: public, max-age=300, s-maxage=600, stale-while-revalidate=3600
access-control-allow-credentials: true
cf-ray: 6c4de5cc5ee93bda-CDG

GET
H2 200 search.png
experience-universalplus.tbxnet.com/images/ 2 KB
2 KB 269ms
269ms Image
image/png 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://experience-universalplus.tbxnet.com/images/search.png?_v=1.8.33
Requested by: Host: experience-universalplus.tbxnet.com
URL: https://experience-universalplus.tbxnet.com/css/bundle.20211228_154414.css?_v=1.5.80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b8cf37fecda40bd1b7e72e76db5324a6546a9df286b8f2b76ab0d3cf51618c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://experience-universalplus.tbxnet.com/css/bundle.20211228_154414.css?_v=1.5.80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Tue, 28 Dec 2021 21:31:48 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5cc4edf7033-FRA
content-length: 1801
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H2 200 tbx-player.min.js Show response
experience-cdn.tbxnet.com/player/v3.0.24/ 1 MB
351 KB 36ms
36ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/player/v3.0.24/tbx-player.min.js
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e5e734b29499150868c404ec81412d8d1dc09aa204090793eca624ea2bb8eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2732
last-modified: Tue, 16 Nov 2021 22:55:38 GMT
server: cloudflare
etag: W/"619436ea-12a8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5cc5c235b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 20:46:16 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
124 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Tue, 28 Dec 2021 21:31:48 GMT

GET
H3 404 logo-image-modal.png
play.universalplus.com/images/ 4 KB
4 KB 274ms
273ms Image
text/html 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/logo-image-modal.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB30vr6wlXepzRAMUaReDuWjky96XQhZxsahga2YEYUy5CgvR1VcIvDVm1d9lQh9JHK4HBcJUufCO2MDdR2aafLCDAzBkHExPRPmfnHtbhxMhtCios6Oc7J4%2FCKyLPfsVPBaASTu%2BpZgERmddGQN3V%2FHg%2Bu2"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6c4de5cc69723762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 logo.png
play.universalplus.com/images/ 48 KB
49 KB 505ms
504ms Image
image/png 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/logo.png?_v=1.5.80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98ca259dd291f9ec977731b8ec78e05fd08c5d703799c5f7a4c11739e736d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49315
pragma: public
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FqRJemZ85kHsh46KPSAIxe3z%2B0JCVSA2%2BxHEh2uJ13qIWtBjjW53U0EKMH5%2FigKkphaRPfgnCnGiz6F8%2BXwOwD2YW7%2FpO7k6dV%2B6tm9YJpVC5s2q7XfM7SxQ%2Fx1duZZluHHLli0uONKVFOjVU9OSXc09%2BxW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5cc69733762-MXP
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H3 200 fb.png
play.universalplus.com/images/footer/ 494 B
1 KB 153ms
152ms Image
image/png 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/footer/fb.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f83b6e6ba04950b5cfb2918d425d220fda3ec95ced31264eb9f2bfc78daf3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 494
pragma: public
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-1ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORgyZMZKEFbNxmLtKG%2BhVelTncDebJztNItqVobtU6GEtPk9V7Y0WzXllMHHm6ZCxDARsPtYyGWv7edrodrVAZpORxxWWJ1a4xJbQweg4DURAVcxQwdL1QOfuMCwwfas8dyZuVbEWSiyD0s99iU6ZRQWZgpG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5cc69743762-MXP
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H3 200 tw.png
play.universalplus.com/images/footer/ 1 KB
2 KB 284ms
283ms Image
image/png 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/footer/tw.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ae7b0833eed944e6016aba6d34b7bc8370e13aa36d19aacaf1e2f14ebb85e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1526
pragma: public
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-5f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWvOkC%2Bl7cQt3IbRt5gPY7clR6uzTKS%2FeMOzYTtoamgz9ODSSM5dV6ST%2BzS0tqrShaQi0n3LiOiW3kvmrejTgyUdohhMe6E252n0fu4xE1buCVVsrVIlKZ0tKtaBrWUx%2BsTmdKRmPBZ4vCeW%2BDS7E8Z%2F2x%2Fy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5cc69763762-MXP
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H3 200 ig.png
play.universalplus.com/images/footer/ 2 KB
2 KB 269ms
268ms Image
image/png 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/footer/ig.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be0b3e9c185929a3e1a98593c14402fde94234e32fd34947f955f4d252f0d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1803
pragma: public
last-modified: Tue, 28 Dec 2021 15:44:15 GMT
server: cloudflare
etag: "61cb30cf-70b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f48bNlu31BH9eqjfLqEf6%2FOELI%2BqMWjsewAp66bL7Yp7s545%2FbJqX3nfDoYUxxFMvb3cif1%2FBCzP7qP6DjXe6mcr8YbSVdM87hE7Lb%2BLZ59uUTLPYiU8sD%2BXsEHl%2FuSO523Bhb3twBuvZ3gZU6xXt2s9EIec"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
cf-ray: 6c4de5cc69773762-MXP
expires: Wed, 29 Dec 2021 21:31:48 GMT

GET
H2 200 unity-module.min.js Show response
experience-cdn.tbxnet.com/player/unity_module/v0.0.14/ 104 KB
36 KB 38ms
37ms Script
application/javascript 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/player/unity_module/v0.0.14/unity-module.min.js
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebadbe88c20e1dcbe59e06ecc6bbec9f572eb5878659bb418710e6b84d5f9778

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2731
last-modified: Fri, 01 Oct 2021 20:27:59 GMT
server: cloudflare
etag: W/"61576f4f-1a1a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5cd2e1c5b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 20:46:17 GMT

GET
H2 200 tbx-player.min.css
experience-cdn.tbxnet.com/player/v3.0.24/ 58 KB
14 KB 33ms
32ms Stylesheet
text/css 104.18.11.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience-cdn.tbxnet.com/player/v3.0.24/tbx-player.min.css
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d879895e07e47a047ee7500b53bae37db58e7f6cb8ff90e977618e6204f91ac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2731
last-modified: Tue, 16 Nov 2021 22:55:38 GMT
server: cloudflare
etag: W/"619436ea-e943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c4de5cd2e205b62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 29 Dec 2021 20:46:17 GMT

OPTIONS
H2 204 rayg1g
unity.tbxapis.com/v0/webapi/player/ Frame 0
0 331ms
331ms Preflight 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727108715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://play.universalplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
access-control-allow-origin: https://play.universalplus.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4de5cd882c3a29-CDG

GET
H2 200 rayg1g Show response
unity.tbxapis.com/v0/webapi/player/ 14 KB
2 KB 371ms
370ms Fetch
application/json 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727108715
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e124013aa8156f8255a544571254bdc0a6789633373c436613cbc4a5a266d5e5

Request headers

Accept: application/json
Referer: https://play.universalplus.com/
Authorization: JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJUb29sYm94IERpZ2l0YWwgU0EiLCJhdWQiOiJ1bml0eS50YnhhcGlzLmNvbSIsImlhdCI6MTY0MDcyNzEwOCwiZXhwIjoxNjQwODk5OTA4LCJjb3VudHJ5IjoiQVIiLCJsYW5ndWFnZSI6ImVzIiwiY2xpZW50IjoiNmViMGFlY2JlYTE3NDRiNmY4ZTkyZjllNzg0ZWM3ZTgiLCJpbmRleCI6IjYxMzY4NDY3NmU2YTQ3NmE2NTY3ZDI0NSJ9.8-cZeLXjZAu1KrtCKGFkv_hqWePa1FxCyj6ISpeMhEw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"3783-BC4pn2KLrK/BOsSSWwUgS6uuJMA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://play.universalplus.com
access-control-allow-credentials: true
cf-ray: 6c4de5cf9e88692e-FRA

GET
H2 200 rayg1g Show response
unity.tbxapis.com/v0/webapi/player/ 14 KB
2 KB 374ms
374ms Fetch
application/json 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727108715
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e124013aa8156f8255a544571254bdc0a6789633373c436613cbc4a5a266d5e5

Request headers

Accept: application/json
Referer: https://play.universalplus.com/
Authorization: JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJUb29sYm94IERpZ2l0YWwgU0EiLCJhdWQiOiJ1bml0eS50YnhhcGlzLmNvbSIsImlhdCI6MTY0MDcyNzEwOCwiZXhwIjoxNjQwODk5OTA4LCJjb3VudHJ5IjoiQVIiLCJsYW5ndWFnZSI6ImVzIiwiY2xpZW50IjoiNmViMGFlY2JlYTE3NDRiNmY4ZTkyZjllNzg0ZWM3ZTgiLCJpbmRleCI6IjYxMzY4NDY3NmU2YTQ3NmE2NTY3ZDI0NSJ9.8-cZeLXjZAu1KrtCKGFkv_hqWePa1FxCyj6ISpeMhEw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"3783-BC4pn2KLrK/BOsSSWwUgS6uuJMA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://play.universalplus.com
access-control-allow-credentials: true
cf-ray: 6c4de5cf9e8b692e-FRA

OPTIONS
H2 204 rayg1g
unity.tbxapis.com/v0/webapi/player/ Frame 0
0 332ms
332ms Preflight 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727108715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://play.universalplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
access-control-allow-origin: https://play.universalplus.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4de5cd882d3a29-CDG

GET
H3 404 logo-image-modal.png
play.universalplus.com/images/ 4 KB
4 KB 27ms
27ms Image
text/html 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/logo-image-modal.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiJXNpZtVKnv3xzm%2BgoIJQZ1CX%2FYABMLh5W%2BTLaCzygvJdwGT8A1%2Bqlh733P5%2BVNFahPEgCDt%2Bx3tfaD7im76CPat6mUT1SRO%2Bh9NiO%2FPnVFjnHwFlzGPRaK34UsCVfsS2FBVOVn1DMp2QnB8Xw%2FBrg0Jd9T"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6c4de5ce2dc83762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H2 204 rayg1g
unity.tbxapis.com/v0/webapi/player/ Frame 0
0 323ms
322ms Preflight 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727109444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://play.universalplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
access-control-allow-origin: https://play.universalplus.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4de5d2195e3a29-CDG

GET
H3 404 logo-image-modal.png
play.universalplus.com/images/ 4 KB
4 KB 29ms
29ms Image
text/html 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/logo-image-modal.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2B0Gxd6zCdl2ltAhyy4hX%2Bc3%2FYaQSb8Q0OwKgx9EOxk14EEMV0EoYY2I43i8E7BEsQiUW3AchfZe9E%2FqOiMow18RJNVvVF0dyw8yv1j0B0y7DCXPuT8e4%2B%2FbBCUlMH4hEQtea65j9sr7b7oMi36290uof1B"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6c4de5d21ed43762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 rayg1g Show response
unity.tbxapis.com/v0/webapi/player/ 14 KB
2 KB 194ms
193ms Fetch
application/json 104.18.31.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unity.tbxapis.com/v0/webapi/player/rayg1g?_c=1640727109444
Requested by: Host: experience-cdn.tbxnet.com
URL: https://experience-cdn.tbxnet.com/v1.8.33/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e124013aa8156f8255a544571254bdc0a6789633373c436613cbc4a5a266d5e5

Request headers

Accept: application/json
Referer: https://play.universalplus.com/
Authorization: JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJUb29sYm94IERpZ2l0YWwgU0EiLCJhdWQiOiJ1bml0eS50YnhhcGlzLmNvbSIsImlhdCI6MTY0MDcyNzEwOCwiZXhwIjoxNjQwODk5OTA4LCJjb3VudHJ5IjoiQVIiLCJsYW5ndWFnZSI6ImVzIiwiY2xpZW50IjoiNmViMGFlY2JlYTE3NDRiNmY4ZTkyZjllNzg0ZWM3ZTgiLCJpbmRleCI6IjYxMzY4NDY3NmU2YTQ3NmE2NTY3ZDI0NSJ9.8-cZeLXjZAu1KrtCKGFkv_hqWePa1FxCyj6ISpeMhEw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"3783-BC4pn2KLrK/BOsSSWwUgS6uuJMA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://play.universalplus.com
access-control-allow-credentials: true
cf-ray: 6c4de5d41995692e-FRA

GET
H2 200 ar.gif
sp.tbxnet.com/flags/default/ 367 B
445 B 269ms
267ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/ar.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229bbf2651c706e9e68f9864302de727f74d346b3bf575dc5d629209d06db68b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"16f-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d20d9a7033-FRA
content-length: 367

GET
H2 200 bo.gif
sp.tbxnet.com/flags/default/ 588 B
666 B 268ms
266ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/bo.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc62a656aca16b0819ee602904f4700176252cf0b46f34c3ca017ce38719a93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"24c-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d20d9c7033-FRA
content-length: 588

GET
H2 200 cl.gif
sp.tbxnet.com/flags/default/ 595 B
673 B 274ms
272ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/cl.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4bda011edafb12e553c96100ccf8b233302330fed63e19b9df288884386fc99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"253-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d20da17033-FRA
content-length: 595

GET
H2 200 co.gif
sp.tbxnet.com/flags/default/ 594 B
672 B 287ms
285ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/co.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c360ea0c417dddf839fa0038ae75db77e3acc34057bc461f878637925111ae90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"252-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d21da47033-FRA
content-length: 594

GET
H2 200 cr.gif
sp.tbxnet.com/flags/default/ 373 B
451 B 292ms
290ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/cr.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f6102ff307922443652a8253b5cb8f2b082da9225c846f289cfe1566f08fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"175-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d21da77033-FRA
content-length: 373

GET
H2 200 do.gif
sp.tbxnet.com/flags/default/ 618 B
812 B 264ms
262ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/do.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1e0cb495cd1bd2e52909c838655600098d87e27168cbd68091038e128bbd6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"26a-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d21da97033-FRA
content-length: 618

GET
H2 200 ec.gif
sp.tbxnet.com/flags/default/ 604 B
682 B 262ms
261ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/ec.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9abe6738df1a94b8c76695341cf3148af1c6ec02a345b550484fb90eddbff3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"25c-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ba087033-FRA
content-length: 604

GET
H2 200 gt.gif
sp.tbxnet.com/flags/default/ 390 B
477 B 293ms
292ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/gt.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0403af943d531858ce2bb72818dd4c4ebb8ffeb4c79265157d3a2c81a89df7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:50 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"186-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ba237033-FRA
content-length: 390

GET
H2 200 hn.gif
sp.tbxnet.com/flags/default/ 372 B
450 B 257ms
256ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/hn.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8535d766dbee338fb3f3eba71b3b7bafc46ba7c5bb3bca1522403117a3abdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"174-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ba277033-FRA
content-length: 372

GET
H2 200 ht.gif
sp.tbxnet.com/flags/default/ 582 B
663 B 290ms
288ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/ht.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59cca80ffdd568f4d2801ae2a5c98f7f05c6b14af3753ab750e1d3bbc536391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"246-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca3e7033-FRA
content-length: 582

GET
H2 200 mx.gif
sp.tbxnet.com/flags/default/ 608 B
687 B 304ms
303ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/mx.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b101ee8c5c8a9a490ba0f6bf908fea32eb51e1987c92e71cd8c8b9a263b4a632

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:50 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"260-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca367033-FRA
content-length: 608

GET
H2 200 ni.gif
sp.tbxnet.com/flags/default/ 370 B
448 B 273ms
272ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/ni.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf838a087fba9d81f1336e1a90d26ad7e75c072ebfc2d37387b98ee55f8d09c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"172-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca417033-FRA
content-length: 370

GET
H2 200 pa.gif
sp.tbxnet.com/flags/default/ 613 B
692 B 284ms
283ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/pa.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e41e13597e5fa2c5934b60329b367d44ee4862de7285e25b146db7bfa89f21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"265-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca477033-FRA
content-length: 613

GET
H2 200 pe.gif
sp.tbxnet.com/flags/default/ 588 B
646 B 272ms
271ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/pe.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b7131b1dfd84cc45c30e99e09778a4dcf1a29add6cbdea85a13c3d7caf60f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"24c-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca377033-FRA
content-length: 588

GET
H2 200 py.gif
sp.tbxnet.com/flags/default/ 590 B
770 B 291ms
289ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/py.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df0668d0a786e4919759803c49528afdea9591976451686cc236dcec8672a0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:50 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"24e-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca3a7033-FRA
content-length: 590

GET
H2 200 sv.gif
sp.tbxnet.com/flags/default/ 369 B
447 B 273ms
272ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/sv.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 348c162fcf99933144ebd9a12bb59fba905eabde0d8374fc2a16526cac256cb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"171-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca447033-FRA
content-length: 369

GET
H2 200 tt.gif
sp.tbxnet.com/flags/default/ 606 B
696 B 31ms
30ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/tt.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5465cd79096212e5d040c8a31b64bc4cd0a597fbe5fbf5a8f378c5415748311b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
age: 164623
etag: W/"25e-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca3d7033-FRA
content-length: 606

GET
H2 200 uy.gif
sp.tbxnet.com/flags/default/ 600 B
677 B 255ms
254ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/uy.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4055d422e4fd0331c988b2a27f5b0f3544e00eb2fcfc1ec6aa5a49e00ce02a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"258-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca297033-FRA
content-length: 600

GET
H2 200 ve.gif
sp.tbxnet.com/flags/default/ 610 B
688 B 305ms
303ms Image
image/gif 104.18.10.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tbxnet.com/flags/default/ve.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9b25725c822507303787962466b764de54a8140e1fd1af33fbda18c6a25cb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:50 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 18:37:26 GMT
server: cloudflare
etag: W/"262-17c56e56270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6c4de5d3ca387033-FRA
content-length: 610

GET
H3 404 logo-image-modal.png
play.universalplus.com/images/ 4 KB
4 KB 39ms
39ms Image
text/html 2606:4700:3030::6815:5cb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.universalplus.com/images/logo-image-modal.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5cb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.universalplus.com/ar/player/serie/la-brea/piloto_rayg1g?previousSection=/ar/serie/la-brea_u31cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 21:31:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpnXNX%2F4wHoITMxjOHiGPi7Y%2BP5TmyBm78%2BiX%2FvIk0V2Weda8MQcQbkflLOr%2BgV1Y4HST4FxTPV5AuwO9Dr3OaO1SxNIa1RwUPlYDb2QLYeK0RlVF3HF4I%2BqolIrJJWqbfEuvUekgH6GJbyCshiWEMyYNhRd"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 6c4de5d56dc73762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.universalplus.com/	1970-01-20 09:07:03	Name: __gads Value: ID=6fe167c1700fa569-221fc04811cd0013:T=1640727106:RT=1640727106:S=ALNI_MYc8YgUxeZkw8Q3OVvcA_2OoSvVwg
.doubleclick.net/	1970-01-19 23:45:28	Name: test_cookie Value: CheckForPermission
.universalplus.com/	1970-01-20 17:16:39	Name: _ga Value: GA1.2.1987320745.1640727106
.universalplus.com/	1970-01-19 23:46:53	Name: _gid Value: GA1.2.2068909712.1640727108

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2374064157978519&output=html&adk=1812271804&adf=3025194257&lmt=1640706290&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay.universalplus.com%2Far%2Fplayer%2Fserie%2Fla-brea%2Fpiloto_rayg1g%3FpreviousSection%3D%2Far%2Fserie%2Fla-brea_u31cv9&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640727106266&bpp=3&bdt=1042&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=62769686262&frm=20&pv=2&ga_vid=1987320745.1640727106&ga_sid=1640727106&ga_hid=127076604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44753656&oid=2&pvsid=2917805008059295&pem=333&tmod=418&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=103 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://experience-cdn.tbxnet.com/player/v3.0.24/tbx-player.min.js(Line 31) Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
network	error	URL: https://play.universalplus.com/images/logo-image-modal.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://play.universalplus.com/images/logo-image-modal.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://play.universalplus.com/images/logo-image-modal.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://play.universalplus.com/images/logo-image-modal.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
experience-cdn.tbxnet.com
experience-universalplus.tbxnet.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
play.universalplus.com
securepubads.g.doubleclick.net
sp.tbxnet.com
tpc.googlesyndication.com
unity.tbxapis.com
www.google-analytics.com
www.google.com
104.18.10.69
104.18.11.69
104.18.31.84
142.250.185.66
2606:4700:3030::6815:5cb0
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
023a0e61c636d140e4ee30a4c806e0134574ba8e90876d191c873351122d72fc
05ac5fe46afbf1278d430973ce6aee1454f548638470761e48fb7f153e24127f
08e5e734b29499150868c404ec81412d8d1dc09aa204090793eca624ea2bb8eb
0b1e0cb495cd1bd2e52909c838655600098d87e27168cbd68091038e128bbd6c
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1c2618227b732a21254e92b12b3cbe5957e542cbb8e323dd4513a9f457ece571
1df0668d0a786e4919759803c49528afdea9591976451686cc236dcec8672a0c
2108e665ae1123c5ef064b5e87f6107f8aeca2475e1e3f6b59e1cea0d249c4c8
229bbf2651c706e9e68f9864302de727f74d346b3bf575dc5d629209d06db68b
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2cc62a656aca16b0819ee602904f4700176252cf0b46f34c3ca017ce38719a93
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
348c162fcf99933144ebd9a12bb59fba905eabde0d8374fc2a16526cac256cb9
3a4168f93a7641b0977e06d122d955404a818aaa0f08537857a8eb9fcca34b2f
4055d422e4fd0331c988b2a27f5b0f3544e00eb2fcfc1ec6aa5a49e00ce02a75
40d467676501cf5145feb85de1be0ed00f0e65804375de508dce17ee2f30eed9
4be0b3e9c185929a3e1a98593c14402fde94234e32fd34947f955f4d252f0d8a
4f9b25725c822507303787962466b764de54a8140e1fd1af33fbda18c6a25cb6
5465cd79096212e5d040c8a31b64bc4cd0a597fbe5fbf5a8f378c5415748311b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b7430dc46e431ddabf8778e1ccf3bb53925c49b21c228d34a6387fe7e28933
5a8535d766dbee338fb3f3eba71b3b7bafc46ba7c5bb3bca1522403117a3abdc
61aa08d2bb1f220493caf9f0dfc5f258333161363e952590191e7976fa4bf4a9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e41e13597e5fa2c5934b60329b367d44ee4862de7285e25b146db7bfa89f21
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
83f6102ff307922443652a8253b5cb8f2b082da9225c846f289cfe1566f08fa3
8d295275b6448e0dad563e07a2842d12f23fae0a844b23fa4d4c7da40f8e6876
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b8cf37fecda40bd1b7e72e76db5324a6546a9df286b8f2b76ab0d3cf51618c
a4f81f4e7d56bcc1223e7082d70552809f0ac9d4578024aae1b1ed8a3c4f0ae3
a59cca80ffdd568f4d2801ae2a5c98f7f05c6b14af3753ab750e1d3bbc536391
a5ae7b0833eed944e6016aba6d34b7bc8370e13aa36d19aacaf1e2f14ebb85e0
a5cb7fb2f7e8028404ccb09c361667ab1ad95dfda28c1cecc123144f13690721
b101ee8c5c8a9a490ba0f6bf908fea32eb51e1987c92e71cd8c8b9a263b4a632
b9abe6738df1a94b8c76695341cf3148af1c6ec02a345b550484fb90eddbff3e
c0403af943d531858ce2bb72818dd4c4ebb8ffeb4c79265157d3a2c81a89df7e
c360ea0c417dddf839fa0038ae75db77e3acc34057bc461f878637925111ae90
c4bda011edafb12e553c96100ccf8b233302330fed63e19b9df288884386fc99
c98ca259dd291f9ec977731b8ec78e05fd08c5d703799c5f7a4c11739e736d4f
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
caf838a087fba9d81f1336e1a90d26ad7e75c072ebfc2d37387b98ee55f8d09c
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce150a79f0843db4222b22c3422ed2b07416cbaca8cf24e0c2007f1a1ccd3b3b
d6f83b6e6ba04950b5cfb2918d425d220fda3ec95ced31264eb9f2bfc78daf3e
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d879895e07e47a047ee7500b53bae37db58e7f6cb8ff90e977618e6204f91ac8
e124013aa8156f8255a544571254bdc0a6789633373c436613cbc4a5a266d5e5
e1b7131b1dfd84cc45c30e99e09778a4dcf1a29add6cbdea85a13c3d7caf60f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5108e3751f1e5e8ea4db6981db87b5a4d2ebda834610b28b5cb6f867ef8bd00
ebadbe88c20e1dcbe59e06ecc6bbec9f572eb5878659bb418710e6b84d5f9778

play.universalplus.com Open in urlscan Pro 2606:4700:3030::6815:5cb0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

71 %IPv6

11 Domains

17 Subdomains

14 IPs

3 Countries

2028 kBTransfer

7386 kBSize

4 Cookies

5 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

play.universalplus.com Open in urlscan Pro
2606:4700:3030::6815:5cb0 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

2028 kB
Transfer

7386 kB
Size

4
Cookies

76 HTTP transactions
0 data transactions