ambers-airline-high-hopes.en.uptodown.com Open in urlscan Pro
151.101.3.52  Public Scan

URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Submission: On December 08 via api from US — Scanned from CH

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 81 HTTP transactions. The main IP is 151.101.3.52, located in San Francisco, United States and belongs to FASTLY, US. The main domain is ambers-airline-high-hopes.en.uptodown.com.
TLS certificate: Issued by Certainly Intermediate R1 on November 22nd 2024. Valid for: a month.
This is the only time ambers-airline-high-hopes.en.uptodown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 151.101.3.52 54113 (FASTLY)
13 151.101.67.52 54113 (FASTLY)
1 188.226.136.4 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.69.203 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.16.134 15169 (GOOGLE)
3 172.217.18.2 15169 (GOOGLE)
3 146.185.171.17 14061 (DIGITALOC...)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
3 18.245.38.207 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
1 82.196.14.222 14061 (DIGITALOC...)
1 18.245.31.123 16509 (AMAZON-02)
1 23.215.23.172 16625 (AKAMAI-AS)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.48.183.31 16509 (AMAZON-02)
7 172.217.16.206 15169 (GOOGLE)
1 216.58.206.66 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
81 27
Apex Domain
Subdomains
Transfer
36 utdstc.com
stc.utdstc.com — Cisco Umbrella Rank: 148354
img.utdstc.com — Cisco Umbrella Rank: 145136
263 KB
9 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
71 KB
5 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 145
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
pubads.g.doubleclick.net — Cisco Umbrella Rank: 438
209 KB
5 cookie-script.com
geo.cookie-script.com — Cisco Umbrella Rank: 32040
cdn.cookie-script.com — Cisco Umbrella Rank: 22121
consent.cookie-script.com — Cisco Umbrella Rank: 38873
291 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
91 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 947
api.btloader.com — Cisco Umbrella Rank: 1068
20 KB
3 uptodown.com
ambers-airline-high-hopes.en.uptodown.com
www.uptodown.com — Cisco Umbrella Rank: 762260
42 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
13 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
2 KB
2 uptodown.net
m.uptodown.net — Cisco Umbrella Rank: 163270
22 KB
2 ssm.codes
scripts.ssm.codes — Cisco Umbrella Rank: 98439
ssm.codes — Cisco Umbrella Rank: 32963
145 KB
1 gstatic.com
csi.gstatic.com
532 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
26 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
29 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1791
324 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
17 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
106 KB
81 19
Domain Requested by
23 img.utdstc.com ambers-airline-high-hopes.en.uptodown.com
13 stc.utdstc.com ambers-airline-high-hopes.en.uptodown.com
9 fundingchoicesmessages.google.com ambers-airline-high-hopes.en.uptodown.com
3 c.amazon-adsystem.com scripts.ssm.codes
c.amazon-adsystem.com
3 cdn.cookie-script.com geo.cookie-script.com
cdn.cookie-script.com
3 securepubads.g.doubleclick.net scripts.ssm.codes
securepubads.g.doubleclick.net
ambers-airline-high-hopes.en.uptodown.com
2 api.btloader.com btloader.com
2 ad-delivery.net ambers-airline-high-hopes.en.uptodown.com
2 m.uptodown.net ambers-airline-high-hopes.en.uptodown.com
m.uptodown.net
2 ambers-airline-high-hopes.en.uptodown.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 pagead2.googlesyndication.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com ambers-airline-high-hopes.en.uptodown.com
1 cdn.hadronid.net ambers-airline-high-hopes.en.uptodown.com
1 tags.crwdcntrl.net ambers-airline-high-hopes.en.uptodown.com
1 secure.cdn.fastclick.net ambers-airline-high-hopes.en.uptodown.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.uptodown.com
1 consent.cookie-script.com geo.cookie-script.com
1 pubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 ssm.codes scripts.ssm.codes
1 ad.doubleclick.net ambers-airline-high-hopes.en.uptodown.com
1 bt.dns-finder.com btloader.com
1 scripts.ssm.codes ambers-airline-high-hopes.en.uptodown.com
1 www.googletagmanager.com ambers-airline-high-hopes.en.uptodown.com
1 btloader.com ambers-airline-high-hopes.en.uptodown.com
1 geo.cookie-script.com ambers-airline-high-hopes.en.uptodown.com
81 29

This site contains links to these domains. Also see Links.

Domain
spotify.en.uptodown.com
honkai-star-rail.en.uptodown.com
en.uptodown.com
infinity-nikki.en.uptodown.com
fifa-soccer-gameplay-beta.en.uptodown.com
free-fire-battlegrounds.en.uptodown.com
archero-2.en.uptodown.com
mobile-legends.en.uptodown.com
microsoft-edge.en.uptodown.com
pokemon-tcg-pocket.en.uptodown.com
com-meitu-wink.en.uptodown.com
delta-force-hawk-ops.en.uptodown.com
www.gamehouseoriginalstories.com
support.uptodown.com
clash-of-clans.en.uptodown.com
jurassic-park-builder.en.uptodown.com
hay-day.en.uptodown.com
township.en.uptodown.com
jurassic-world-the-game.en.uptodown.com
com-kidgamestudio-chefsfoodtruck.en.uptodown.com
royal-cooking-cooking-games.en.uptodown.com
cooking-fever-duels.en.uptodown.com
the-simpsons-tapped-out.en.uptodown.com
farmville-2-country-escape.en.uptodown.com
castleville-legends.en.uptodown.com
sushi-diner.en.uptodown.com
delicious-emily.en.uptodown.com
delicious-emilys-road-trip.en.uptodown.com
pubg-mobile-lite.en.uptodown.com
free-fire-advance.en.uptodown.com
fortnite.en.uptodown.com
pubg-mobile.en.uptodown.com
dream-league-soccer-2023.en.uptodown.com
ksl-v1-2-beta-multiplayer.en.uptodown.com
gacha-life.en.uptodown.com
blog.en.uptodown.com
uptodown-android.en.uptodown.com
ambers-airline-high-hopes.uptodown.com
ambers-airline-high-hopes.br.uptodown.com
ambers-airline-high-hopes.de.uptodown.com
ambers-airline-high-hopes.fr.uptodown.com
ambers-airline-high-hopes.it.uptodown.com
ambers-airline-high-hopes.cn.uptodown.com
ambers-airline-high-hopes.jp.uptodown.com
ambers-airline-high-hopes.ru.uptodown.com
ambers-airline-high-hopes.kr.uptodown.com
ambers-airline-high-hopes.id.uptodown.com
ambers-airline-high-hopes.ar.uptodown.com
ambers-airline-high-hopes.th.uptodown.com
ambers-airline-high-hopes.tr.uptodown.com
ambers-airline-high-hopes.in.uptodown.com
ambers-airline-high-hopes.vi.uptodown.com
ambers-airline-high-hopes.ro.uptodown.com
www.youtube.com
www.tiktok.com
x.com
instagram.com
www.linkedin.com
www.facebook.com
uptodown.factorialhr.es
Subject Issuer Validity Valid
uptodown.com
Certainly Intermediate R1
2024-11-22 -
2024-12-22
a month crt.sh
*.utdstc.com
Certainly Intermediate R1
2024-11-30 -
2024-12-30
a month crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-17 -
2025-08-17
a year crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
btloader.com
WE1
2024-12-06 -
2025-03-06
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
ssm.codes
WE1
2024-11-09 -
2025-02-07
3 months crt.sh
uptodown.net
Certainly Intermediate R1
2024-11-15 -
2024-12-15
a month crt.sh
dns-finder.com
WE1
2024-11-13 -
2025-02-11
3 months crt.sh
ad-delivery.net
WE1
2024-11-10 -
2025-02-08
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
api.btloader.com
WR3
2024-11-29 -
2025-02-27
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03
2024-11-19 -
2025-12-18
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
hadronid.net
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
id5-sync.com
WE1
2024-11-28 -
2025-02-26
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://ambers-airline-high-hopes.en.uptodown.com/android
Frame ID: 6089D86838235F4F4C9C7B43695AE098
Requests: 87 HTTP requests in this frame

Frame: https://ssm.codes/topics/topics_frame.html
Frame ID: CF7A09C9F273C7244062A7CFFA0AE383
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Amber's Airline - High Hopes for Android - Download the APK from Uptodown

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

81
Requests

100 %
HTTPS

31 %
IPv6

19
Domains

29
Subdomains

27
IPs

4
Countries

1350 kB
Transfer

4897 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request android
ambers-airline-high-hopes.en.uptodown.com/
134 KB
27 KB
Document
General
Full URL
https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d326af4fe9dbc616937f017cc934b40891c3eb581dc262c930c3f90007dd1782
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
must-revalidate, public, max-age=300,private
content-encoding
gzip
content-length
26945
content-type
text/html;charset=UTF-8
date
Sun, 08 Dec 2024 05:11:13 GMT
expires
Mon, 09 Dec 2024 05:11:13 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-served-by
cache-lin1730062-LIN, cache-lin1730052-LIN
x-timer
S1733634673.015023,VS0,VE85
geomanist-medium-webfont-test.woff2
stc.utdstc.com/fonts/
17 KB
17 KB
Font
General
Full URL
https://stc.utdstc.com/fonts/geomanist-medium-webfont-test.woff2
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fccde017f4c101570f9a09e7fc88c97f45706ddda309799aa1ccb0a7e49e7a99
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ambers-airline-high-hopes.en.uptodown.com
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"649e82da-43b0"
age
1022562
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Fri, 30 Jun 2023 07:23:06 GMT
content-type
application/octet-stream
x-served-by
cache-lin1730045-LIN, cache-lin1730073-LIN
x-cache-hits
0, 8889
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
cache-control
max-age=31536000
x-timer
S1733634673.184486,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
17328
geomanist-regular-webfont-test.woff2
stc.utdstc.com/fonts/
17 KB
17 KB
Font
General
Full URL
https://stc.utdstc.com/fonts/geomanist-regular-webfont-test.woff2
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f00d64b58462446057e5093cb434ad1b5bad866d921598392b939e734f5eb438
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ambers-airline-high-hopes.en.uptodown.com
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"649e82da-4238"
age
1022562
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Fri, 30 Jun 2023 07:23:06 GMT
content-type
application/octet-stream
x-served-by
cache-lin1730080-LIN, cache-lin1730073-LIN
x-cache-hits
0, 8895
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
cache-control
max-age=31536000
x-timer
S1733634673.184486,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
16952
vendor.css
stc.utdstc.com/1733299958669/
1 KB
769 B
Stylesheet
General
Full URL
https://stc.utdstc.com/1733299958669/vendor.css
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b89e261e885c16647d44df70dcc9002f3484bad778e284966a7ebe371c06c98
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67500efe-4a4"
age
330546
expires
Thu, 04 Dec 2025 09:22:06 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 04 Dec 2024 08:12:46 GMT
content-type
text/css
x-served-by
cache-lin1730075-LIN, cache-lin1730028-LIN
x-cache-hits
0, 3645
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.182329,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
607
detail.css
stc.utdstc.com/1733299958669/
83 KB
13 KB
Stylesheet
General
Full URL
https://stc.utdstc.com/1733299958669/detail.css
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0684e64ee11ec885ccf5f3d22c139b315c24008a53984811abf0fea0976bacdf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67500efe-14ab6"
age
330546
expires
Thu, 04 Dec 2025 09:22:06 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 04 Dec 2024 08:12:46 GMT
content-type
text/css
x-served-by
cache-lin1730075-LIN, cache-lin1730028-LIN
x-cache-hits
0, 2644
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.182047,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12629
a52be48a31f50475bd697e1db8507f9d.js
geo.cookie-script.com/s/
888 KB
148 KB
Script
General
Full URL
https://geo.cookie-script.com/s/a52be48a31f50475bd697e1db8507f9d.js?country=no-is-li-gb-ch-br&state=ca&region=eu
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.226.136.4 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
485daa5d1c1d7e1aa830fd9d8ce025fb8991f0285260a381bb363e2154c8e03d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-cache-status
HIT
access-control-allow-origin
*
content-encoding
gzip
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript
last-modified
Sat, 07 Dec 2024 05:20:43 GMT
pub-0337387298854186
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/pub-0337387298854186?ers=1
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a475ccd94b746ca916c2fc2bfdf7010e8a510226e5f15be517e9d734e2d2306
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0TkLwWtQahq3XvFCBkjEfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYeO15VmcgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EM85fZl0AxEUSV1ibgJjh6xVWDiAW4ub4eOXKLjaBCbMP5ippJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZmOoZmMQXGAAAyX1A9g"
content-security-policy
script-src 'report-sample' 'nonce-0TkLwWtQahq3XvFCBkjEfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
GSBWYJXrihc.jpg
img.utdstc.com/videos/
17 KB
17 KB
Image
General
Full URL
https://img.utdstc.com/videos/GSBWYJXrihc.jpg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fee2c37f08667e4491c5c093d125a516760971ea947809869cc651159228bbe
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"65e2a4a1-42ec"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Sat, 02 Mar 2024 04:01:37 GMT
x-served-by
cache-lin1730039-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.179145,VS0,VE107
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
17132
x-xss-protection
1; mode=block
tag
btloader.com/
59 KB
20 KB
Script
General
Full URL
https://btloader.com/tag?o=5175773613260800&upapi=true
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad163481ac289c0c64698b501de4c42d2d0e845a94b59f635500edb7f10132f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"ff18a626e0501929e146bac8e5da9ac3"
age
199
via
1.1 google
cf-ray
8eea40e38d501ad7-FRA
accept-ranges
bytes
content-length
20043
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript
last-modified
Sun, 08 Dec 2024 05:06:22 GMT
vary
Origin, Accept-Encoding
server
cloudflare
icons-nolazy.svg
stc.utdstc.com/img/
7 KB
3 KB
Image
General
Full URL
https://stc.utdstc.com/img/icons-nolazy.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f30ad78709315382f6d4238c41c472fa6968ada3093504ff2127ff9115334ce7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-1bf1"
age
1022561
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
content-type
image/svg+xml
x-served-by
cache-lin1730076-LIN, cache-lin1730028-LIN
x-cache-hits
0, 10852
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.182001,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2548
icon-12-hotlink.svg
stc.utdstc.com/img/svgs/
902 B
680 B
Image
General
Full URL
https://stc.utdstc.com/img/svgs/icon-12-hotlink.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2839413303baa82ca1b8a19957ddfa5422c548bfd8968f5e96e54ab8dc3f67fb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-386"
age
1022559
expires
Wed, 26 Nov 2025 09:08:33 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
content-type
image/svg+xml
x-served-by
cache-lin1730021-LIN, cache-lin1730028-LIN
x-cache-hits
0, 8845
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.182044,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
529
logo-uptodown.svg
stc.utdstc.com/img/svgs/
4 KB
1 KB
Image
General
Full URL
https://stc.utdstc.com/img/svgs/logo-uptodown.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06b55f0746c6b28ad7772a010963dbef74477f542eb754f5380c8a99ea9ba05f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-e09"
age
1022562
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
content-type
image/svg+xml
x-served-by
cache-lin1730035-LIN, cache-lin1730028-LIN
x-cache-hits
0, 8835
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.207265,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1034
05ea26c67e86d2617369b4b57ce43c1b9619cfc9381e5d826f20b74e2c4162a8:100
img.utdstc.com/icon/05e/a26/
3 KB
3 KB
Image
General
Full URL
https://img.utdstc.com/icon/05e/a26/05ea26c67e86d2617369b4b57ce43c1b9619cfc9381e5d826f20b74e2c4162a8:100
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1db4b77563d16a803d3e1bf1c896179d58bc33a4edae3bb544731073d1949d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"65d92e8c-bec"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Fri, 23 Feb 2024 23:47:24 GMT
x-served-by
cache-lin1730030-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.179447,VS0,VE87
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
3052
x-xss-protection
1; mode=block
GSBWYJXrihc.jpg:200
img.utdstc.com/videos/
17 KB
17 KB
Image
General
Full URL
https://img.utdstc.com/videos/GSBWYJXrihc.jpg:200
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fee2c37f08667e4491c5c093d125a516760971ea947809869cc651159228bbe
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"65df5c8f-42ec"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Wed, 28 Feb 2024 16:17:19 GMT
x-served-by
cache-lin1730058-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.179147,VS0,VE109
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
17132
x-xss-protection
1; mode=block
7153141c5566aeda97831268206df0675ae2185c6512e69de70d4d4aa0697105:200
img.utdstc.com/screen/715/314/
21 KB
21 KB
Image
General
Full URL
https://img.utdstc.com/screen/715/314/7153141c5566aeda97831268206df0675ae2185c6512e69de70d4d4aa0697105:200
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99cec1405403e79397720205b778803f1d9992caa870226c314817dfab30692f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f19347-540e"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Mon, 23 Sep 2024 16:11:51 GMT
x-served-by
cache-lin1730023-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.179144,VS0,VE94
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
21518
x-xss-protection
1; mode=block
50e1a0a86e3bdf453416af33beeda8cbbc8784008c5d30ce08c0e9b7e2063bcd:200
img.utdstc.com/screen/50e/1a0/
13 KB
13 KB
Image
General
Full URL
https://img.utdstc.com/screen/50e/1a0/50e1a0a86e3bdf453416af33beeda8cbbc8784008c5d30ce08c0e9b7e2063bcd:200
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
472cac6667ed13669d015c4261f99782696806d885deb752616f8c274d16417e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f19348-3402"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Mon, 23 Sep 2024 16:11:52 GMT
x-served-by
cache-lin1730033-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.179096,VS0,VE109
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
13314
x-xss-protection
1; mode=block
icon-bar-arrow.svg
stc.utdstc.com/img/svgs/
409 B
625 B
Image
General
Full URL
https://stc.utdstc.com/img/svgs/icon-bar-arrow.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a94c989e9aece6cc36d94e5d1a5109e838c6b0d0c962c5a47ffcd78751ae1501
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-199"
age
1022562
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
x-served-by
cache-lin1730042-LIN, cache-lin1730028-LIN
x-cache-hits
0, 8794
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.207239,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
284
icon-bar-close.svg
stc.utdstc.com/img/svgs/
863 B
626 B
Image
General
Full URL
https://stc.utdstc.com/img/svgs/icon-bar-close.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36800adc29c76c8ded03056d559c6c8a249aacfa0d747c9974c00de60b1eb26d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-35f"
age
1022561
expires
Wed, 26 Nov 2025 09:08:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
content-type
image/svg+xml
x-served-by
cache-lin1730026-LIN, cache-lin1730028-LIN
x-cache-hits
0, 9011
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.207620,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
414
js
www.googletagmanager.com/gtag/
312 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d43a326e90d515ea858cd66339f2dc55cd211ecbcaec7bc55f5d981b93f55ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 08 Dec 2024 05:11:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107409
x-xss-protection
0
server
Google Tag Manager
vendor.js
stc.utdstc.com/1733299958669/
33 KB
11 KB
Script
General
Full URL
https://stc.utdstc.com/1733299958669/vendor.js
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c027749cb4bb34ce24e94f6376dbeddacd64b18bb493a1533058f37aa04532ce
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67500efe-8203"
age
330546
expires
Thu, 04 Dec 2025 09:22:06 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 04 Dec 2024 08:12:46 GMT
content-type
application/javascript
x-served-by
cache-lin1730045-LIN, cache-lin1730028-LIN
x-cache-hits
0, 3663
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.207707,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
10982
detail.js
stc.utdstc.com/1733299958669/
105 KB
25 KB
Script
General
Full URL
https://stc.utdstc.com/1733299958669/detail.js
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a06dca843ae374a03e7f132ae3418d030487311ec276b03b07a70512545f193b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67500efe-1a4cd"
age
330546
expires
Thu, 04 Dec 2025 09:22:06 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 04 Dec 2024 08:12:46 GMT
content-type
application/javascript
x-served-by
cache-lin1730023-LIN, cache-lin1730028-LIN
x-cache-hits
0, 2655
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.207454,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
25112
uptodown.js
scripts.ssm.codes/
566 KB
145 KB
Script
General
Full URL
https://scripts.ssm.codes/uptodown.js
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22a24aed6b6e4bfe61d4ab9475434020c02926ad167d58d08e2724e8cbd15d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"674472d3-8d64d"
age
838154
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w00Ge9n0FtyunuVPd8vBzexKK9yozKtjsXBqfQeZej%2BYvNy2%2Bcq0C%2Fhw%2F7ESN0XadP1wGYC2EHbwFts9Kc6ae0Ny41GVw3F4R%2FlMQ3etLZWVkM0dOw1vV3ATHG4CKdqtRoDl"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17125&min_rtt=17125&rtt_var=6422&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4249&recv_bytes=4254&delivery_rate=175219&cwnd=12000&unsent_bytes=0&cid=c049df934b025f52&ts=31&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 12:51:31 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
*
cache-control
public, stale-if-error=7890000, stale-while-revalidate=7890000, s-maxage=31536000, max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8eea40e34f6b0e91-MXP
access-control-allow-origin
*
server
cloudflare
matomo.js
m.uptodown.net/
66 KB
22 KB
Script
General
Full URL
https://m.uptodown.net/matomo.js
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"66f8fe01-10784"
age
2518
expires
Wed, 04 Dec 2024 17:27:38 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript
last-modified
Sun, 29 Sep 2024 07:13:05 GMT
x-served-by
cache-lin1730035-LIN
x-cache-hits
10
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=3600, public
pragma
public
x-timer
S1733634673.189219,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish
accept-ranges
bytes
content-length
21921
icon-24-turbo2.svg
stc.utdstc.com/img/svgs/
992 B
935 B
Image
General
Full URL
https://stc.utdstc.com/img/svgs/icon-24-turbo2.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8478b2a3764a8b84af7ca3852738a498759b83f0e290c054ddb8de1af854e77a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-3e0"
age
1022561
expires
Wed, 26 Nov 2025 09:08:32 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
content-type
image/svg+xml
x-served-by
cache-lin1730046-LIN, cache-lin1730057-LIN
x-cache-hits
0, 8737
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.233862,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
522
8c2499f0a3e9d4af5837d0a223ead1b1015ccb977b7091cf09be10704d141c72:200
img.utdstc.com/screen/8c2/499/
30 KB
30 KB
Image
General
Full URL
https://img.utdstc.com/screen/8c2/499/8c2499f0a3e9d4af5837d0a223ead1b1015ccb977b7091cf09be10704d141c72:200
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af4cc8030759404d94e8da127b98005634829da0bbb11b6a01d303ec0f02ea28
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f19349-77ee"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Mon, 23 Sep 2024 16:11:53 GMT
x-served-by
cache-lin1730032-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.235675,VS0,VE100
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
30702
x-xss-protection
1; mode=block
63e8d7a905432e36922a316d8cb40d6422c31152f935261c28b9198751c20b24:200
img.utdstc.com/screen/63e/8d7/
30 KB
30 KB
Image
General
Full URL
https://img.utdstc.com/screen/63e/8d7/63e8d7a905432e36922a316d8cb40d6422c31152f935261c28b9198751c20b24:200
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f57e796140ceebcd427f42ec534085a070f5baab5506a0acd7ead5af88c064ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f19348-7778"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Mon, 23 Sep 2024 16:11:52 GMT
x-served-by
cache-lin1730022-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236038,VS0,VE104
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
30584
x-xss-protection
1; mode=block
icons-info.svg
stc.utdstc.com/img/
26 KB
7 KB
Image
General
Full URL
https://stc.utdstc.com/img/icons-info.svg
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b15eb85fe374d2db60bd2223075e43b349fe366944b352247514e3efc2f09de4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
etag
W/"67346628-668f"
age
1022560
expires
Wed, 26 Nov 2025 09:08:32 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
x-served-by
cache-lin1730031-LIN, cache-lin1730057-LIN
x-cache-hits
0, 9289
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
max-age=31536000, public
pragma
public
x-timer
S1733634673.234814,VS0,VE0
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6872
8ed07fec092383ebd9b897b2f1487f08c6a3727022c3cc02018e59589a3c4dbe:60
img.utdstc.com/icon/8ed/07f/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/8ed/07f/8ed07fec092383ebd9b897b2f1487f08c6a3727022c3cc02018e59589a3c4dbe:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9aae3b01619e3fde25e54c42edee920dca514bbc9b7e07f879fcb8db5a1cd639
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"673b3e99-620"
age
1022053
expires
Wed, 26 Nov 2025 09:17:00 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Mon, 18 Nov 2024 13:18:17 GMT
content-type
image/webp
x-served-by
cache-lin1730081-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236165,VS0,VE1
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1568
x-xss-protection
1; mode=block
c8e23787dc5c1b61f14696c7e896f0e01f2f43881ac82e7b85c7d7b1c2eebd03:60
img.utdstc.com/icon/c8e/237/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/c8e/237/c8e23787dc5c1b61f14696c7e896f0e01f2f43881ac82e7b85c7d7b1c2eebd03:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7384ef62172145bd8c5ee807bab3ffec8427a4f51fc39350c829066c1a12aedb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eef915-786"
age
1006749
expires
Wed, 26 Nov 2025 13:32:04 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 16:49:25 GMT
content-type
image/webp
x-served-by
cache-lin1730035-LIN, cache-lin1730048-LIN
x-cache-hits
0, 2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.235887,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1926
x-xss-protection
1; mode=block
2fd77637f87fed43ac563a681386a899643ffbf705a7e63f333fb54a85906dc4:60
img.utdstc.com/icon/2fd/776/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/2fd/776/2fd77637f87fed43ac563a681386a899643ffbf705a7e63f333fb54a85906dc4:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c1263e1e6fa110821e2f16cba160a036c652364d6f9581ac5941c323d077fd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f5930d-672"
age
329442
expires
Thu, 27 Nov 2025 16:38:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 16:59:57 GMT
x-served-by
cache-lin1730054-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.235856,VS0,VE1
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1650
x-xss-protection
1; mode=block
7369436228b2bf158658f9f3f2d738ca1e043392025161d58a4b0648548ea140:60
img.utdstc.com/icon/736/943/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/736/943/7369436228b2bf158658f9f3f2d738ca1e043392025161d58a4b0648548ea140:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fbca82718260f93d392a271ca04c520167c5ebea9ab9450bb4dd1aca39b109d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eeaaf6-794"
age
1006749
expires
Wed, 26 Nov 2025 13:32:04 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 11:16:06 GMT
content-type
image/webp
x-served-by
cache-lin1730056-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.235846,VS0,VE1
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1940
x-xss-protection
1; mode=block
905ac542a63205625f48bc97d228fa1c335b03e1c50423c72aa3d0881c84e9aa:60
img.utdstc.com/icon/905/ac5/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/905/ac5/905ac542a63205625f48bc97d228fa1c335b03e1c50423c72aa3d0881c84e9aa:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea659eb45c2694dd39266ac0744e591c9f2524769b9ce0a0f426fafc72b2b2d5
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eebf2f-8ac"
age
127455
expires
Sat, 06 Dec 2025 17:46:58 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 12:42:23 GMT
content-type
image/webp
x-served-by
cache-lin1730042-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.237024,VS0,VE1
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2220
x-xss-protection
1; mode=block
60b796cc1b4de3f3b71df7a50f5f40a3aee14a44959016b1055eeaf18d2c3b03:60
img.utdstc.com/icon/60b/796/
2 KB
3 KB
Image
General
Full URL
https://img.utdstc.com/icon/60b/796/60b796cc1b4de3f3b71df7a50f5f40a3aee14a44959016b1055eeaf18d2c3b03:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9aa9f8d51cb19c209aefa6f8609117ca42c0f4969a16d4a3b98f4fd5eafef2ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eed068-998"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Sat, 21 Sep 2024 13:55:52 GMT
x-served-by
cache-lin1730070-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.237303,VS0,VE83
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2456
x-xss-protection
1; mode=block
b99ad157c389bec3120455c075b38c3f918b7b32e53a4f3e04e2e683acb19633:60
img.utdstc.com/icon/b99/ad1/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/b99/ad1/b99ad157c389bec3120455c075b38c3f918b7b32e53a4f3e04e2e683acb19633:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e7f9c57623b41673ff2b5699a01028b5f6570b141e7db7282bd89ab9bfd166a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"670ea5e1-8b8"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Tue, 15 Oct 2024 17:26:57 GMT
x-served-by
cache-lin1730051-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236741,VS0,VE89
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2232
x-xss-protection
1; mode=block
e150c85df498bba41b8188ab057693941d400ac6e375940ff95aec2837893f75:60
img.utdstc.com/icon/e15/0c8/
2 KB
3 KB
Image
General
Full URL
https://img.utdstc.com/icon/e15/0c8/e150c85df498bba41b8188ab057693941d400ac6e375940ff95aec2837893f75:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3915ce1ed3c647762caa36e58351aefe230105abaa78cbc35516cf4d0228f8dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f46c51-9a4"
age
0
expires
Mon, 08 Dec 2025 05:11:13 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:02:25 GMT
x-served-by
cache-lin1730046-LIN, cache-lin1730048-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.237208,VS0,VE83
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2468
x-xss-protection
1; mode=block
dabe86f9ebcf72133e5b9f8259fd3a239fc58410a88a5fa26b548da372d545c5:60
img.utdstc.com/icon/dab/e86/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/dab/e86/dabe86f9ebcf72133e5b9f8259fd3a239fc58410a88a5fa26b548da372d545c5:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c1ecc8f761b6dd19ef6f80f3efbc2a03fb531c9db4c2acbaad3900817682fba
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66f0a3b3-78c"
age
337946
expires
Wed, 26 Nov 2025 09:11:01 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sun, 22 Sep 2024 23:09:39 GMT
content-type
image/webp
x-served-by
cache-lin1730078-LIN, cache-lin1730048-LIN
x-cache-hits
0, 5
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236566,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1932
x-xss-protection
1; mode=block
dedfa6dc16636ec064f45b475e2d76f2f6830319e43658d9c231c380c341980a:60
img.utdstc.com/icon/ded/fa6/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/ded/fa6/dedfa6dc16636ec064f45b475e2d76f2f6830319e43658d9c231c380c341980a:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97c9193455e061a7fd1d325e535d95dba9a13565f193c908299ad1bae0d97be5
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eea145-8e0"
age
1022411
expires
Wed, 26 Nov 2025 09:11:02 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 10:34:45 GMT
content-type
image/webp
x-served-by
cache-lin1730040-LIN, cache-lin1730048-LIN
x-cache-hits
0, 6
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236536,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2272
x-xss-protection
1; mode=block
8abce53baeb0d4e52298d5142f9b815bfae587acb18b12cbefb0feae5caba48d:60
img.utdstc.com/icon/8ab/ce5/
904 B
1 KB
Image
General
Full URL
https://img.utdstc.com/icon/8ab/ce5/8abce53baeb0d4e52298d5142f9b815bfae587acb18b12cbefb0feae5caba48d:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39ebae8086e9a961327966ae87b217d9068f66f37f26d8e5214df15e613dd5be
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66ef3a4b-388"
age
1022411
expires
Wed, 26 Nov 2025 09:11:02 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 21:27:39 GMT
content-type
image/webp
x-served-by
cache-lin1730047-LIN, cache-lin1730048-LIN
x-cache-hits
0, 8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236512,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
904
x-xss-protection
1; mode=block
ad3e98abe9de44760d7dfe5f65cd833bd059c163c3cdbe5a8703c2e35a5bb02f:60
img.utdstc.com/icon/ad3/e98/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/ad3/e98/ad3e98abe9de44760d7dfe5f65cd833bd059c163c3cdbe5a8703c2e35a5bb02f:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38c80d56336a0d78d39b22319efe1efa5f49d7bd7fc53c2f52cfd60071e98e3d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"6733306f-6ac"
age
348185
expires
Wed, 26 Nov 2025 09:11:02 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Tue, 12 Nov 2024 10:39:43 GMT
content-type
image/webp
x-served-by
cache-lin1730066-LIN, cache-lin1730048-LIN
x-cache-hits
0, 9
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.236481,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1708
x-xss-protection
1; mode=block
fb9f92a355965214ffccdfd11cd551bd4107cd276f57714dfd35293f98d4b164:60
img.utdstc.com/icon/fb9/f92/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/fb9/f92/fb9f92a355965214ffccdfd11cd551bd4107cd276f57714dfd35293f98d4b164:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c17cdce007c0dd43d982b56094456c9a4397e93a563ff57fad10562c096dba9d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"6752c11c-8b4"
age
157900
expires
Sat, 06 Dec 2025 09:19:33 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Fri, 06 Dec 2024 09:17:16 GMT
content-type
image/webp
x-served-by
cache-lin1730076-LIN, cache-lin1730048-LIN
x-cache-hits
0, 6
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.252583,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2228
x-xss-protection
1; mode=block
cec77d35ca8bba84c6f3935984a318828f878dace0e3f4abbe034341ab849d99:60
img.utdstc.com/icon/cec/77d/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/cec/77d/cec77d35ca8bba84c6f3935984a318828f878dace0e3f4abbe034341ab849d99:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb6e3556895dc3514c0a19d7ccf7932ff628eff96a72466a29d5aaa7af34218f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"675085f0-77e"
age
299963
expires
Thu, 04 Dec 2025 17:51:50 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/webp
last-modified
Wed, 04 Dec 2024 16:40:16 GMT
x-served-by
cache-lin1730068-LIN, cache-lin1730048-LIN
x-cache-hits
0, 3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.252496,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1918
x-xss-protection
1; mode=block
37ac9559ee0b8520744c5461e3f1aa69baf5c97657627651ca4f6aafe2b9b082:60
img.utdstc.com/icon/37a/c95/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/37a/c95/37ac9559ee0b8520744c5461e3f1aa69baf5c97657627651ca4f6aafe2b9b082:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6bcec54cf50c67b75d8cdd7ea8328b0884366409e810e8e9c7e242055ae61acd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"6719e56c-7de"
age
1019081
expires
Wed, 26 Nov 2025 10:06:32 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Thu, 24 Oct 2024 06:13:00 GMT
content-type
image/webp
x-served-by
cache-lin1730040-LIN, cache-lin1730048-LIN
x-cache-hits
0, 3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.252486,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2014
x-xss-protection
1; mode=block
c07497085b75c9fb39ebdfdfd0707a39c87a1eea487980d9f9e7c8ef4a084da3:60
img.utdstc.com/icon/c07/497/
2 KB
2 KB
Image
General
Full URL
https://img.utdstc.com/icon/c07/497/c07497085b75c9fb39ebdfdfd0707a39c87a1eea487980d9f9e7c8ef4a084da3:60
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
28c126ac949b63213230d06eac3566c8ac7135a0b644c09a9f24c998aeeb76a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

etag
"66eea2c8-7f6"
age
1022412
expires
Wed, 26 Nov 2025 09:11:01 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, HIT
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sat, 21 Sep 2024 10:41:12 GMT
content-type
image/webp
x-served-by
cache-lin1730061-LIN, cache-lin1730048-LIN
x-cache-hits
0, 9
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-security-policy
default-src 'self'
cache-control
max-age=31536000
x-timer
S1733634673.252478,VS0,VE0
referrer-policy
no-referrer-when-downgrade
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
2038
x-xss-protection
1; mode=block
matomo.php
m.uptodown.net/
0
0
Ping
General
Full URL
https://m.uptodown.net/matomo.php?action_name=Amber%27s%20Airline%20-%20High%20Hopes%20for%20Android%20-%20Download%20the%20APK%20from%20Uptodown&idsite=2&rec=1&r=742047&h=6&m=11&s=13&url=https%3A%2F%2Fambers-airline-high-hopes.en.uptodown.com%2Fandroid&_id=381fe00211ae1acb&_idn=1&send_image=0&_refts=0&pv_id=iSc8lZ&pf_net=58&pf_srv=103&pf_tfr=5&pf_dm1=29&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: m.uptodown.net
URL: https://m.uptodown.net/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

px.gif
bt.dns-finder.com/
43 B
1 KB
Fetch
General
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
193
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BudGwAIPcqIdj2OsPfxQDAgVq4wFQg6wMedZWQ8z5MTaLPJ%2BBgYZ3MqnmYFBzmwEc36ZUexz9wLDQ5%2BnfdC2NuK5DtwZoCNsEZdf6hheeSXsk4GGp1xd4Stw9GpbDNEXpIk4%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sun, 08 Dec 2024 06:08:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=QUIC&rtt=18263&min_rtt=18217&rtt_var=6864&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4083&recv_bytes=4280&delivery_rate=175454&cwnd=12000&unsent_bytes=0&cid=9aa1e22cacfe4c41&ts=32&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AFiumC5IXxiEo8F5s80uwlTf_Qclk7R8PSrXM9bsbH3Cz0Nw4aoaHB24wY85RBoQm-mnu_9-o48
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8eea40e3fa22ed58-MXP
accept-ranges
bytes
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/
43 B
496 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
884040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFDhMY7sYzH8%2FCqtScWzvPF5tw8UWEhztG9EF5FBoIWiO94iNNxXJ%2Fn1hily%2FBdYvaKkD3mZCEdbLPmh2WB%2Flr99T7XbVkX2eks8j0vSRlCfG4TGKGjX43ONp95hlG%2B%2FL6%2B6gGvprX24k7JaLw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 27 Nov 2024 23:56:31 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18675&min_rtt=18602&rtt_var=3954&sent=12&recv=12&lost=0&retrans=0&sent_bytes=5161&recv_bytes=2382&delivery_rate=212014&cwnd=250&unsent_bytes=0&cid=45793ee6f03f6c3d&ts=32&x=0"
x-goog-stored-content-length
43
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5aF4bj-OfVXNfR0W25mFWy2eDabfILwtIqJke8XAnU8PFehYZBcaFXBEYcRjTpATt4JkQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8eea40e42b08dba9-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
age
67373
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 10:28:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 10:28:20 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
1 KB
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4579425233943122
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
884040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pom%2BkPisoSo38rE9b0p0iEXfFb4P4DicYxXY6SYTWWYZdHybivvTMHhp1w2x2mJLgQFXyib%2B75QQ4t3E7WeExGPJ9x35UZnGyBKTUE0IEukJ%2FvdMHlp1rU1UrLkEkdctxkNvqvOgpKcaIoe2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 27 Nov 2024 23:56:31 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18675&min_rtt=18602&rtt_var=3954&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2382&delivery_rate=212014&cwnd=250&unsent_bytes=0&cid=45793ee6f03f6c3d&ts=31&x=0"
x-goog-stored-content-length
43
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5aF4bj-OfVXNfR0W25mFWy2eDabfILwtIqJke8XAnU8PFehYZBcaFXBEYcRjTpATt4JkQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8eea40e42b09dba9-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
topics_frame.html
ssm.codes/topics/ Frame CF7A
0
0
Document
General
Full URL
https://ssm.codes/topics/topics_frame.html
Requested by
Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ambers-airline-high-hopes.en.uptodown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
838154
alt-svc
h3=":443"; ma=86400
cache-control
public, stale-if-error=7890000, stale-while-revalidate=7890000, s-maxage=31536000, max-age=300
cf-cache-status
HIT
cf-ray
8eea40e47d275250-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Thu, 04 Jul 2024 11:38:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42sCR%2FJZkUHEdf%2FzYuR9QRqK4J9C8MdEMSFwQgLC%2FE9VRo3%2Fxqy%2BvrO35v8v6tFtZsdU%2Fm8DZIq9wfIhZihecRShBu95KfZFSSxqnNywi7Jk6Az3vMdZ2SN9nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="HIT" cfL4;desc="?proto=QUIC&rtt=17333&min_rtt=17323&rtt_var=6503&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4272&recv_bytes=4392&delivery_rate=172894&cwnd=12000&unsent_bytes=0&cid=ef99e8659185955a&ts=32&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
97ca172f68572a42b197f04befa1022e9408279a893589e7b5e2cb7de29fae6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
br
etag
511 / 20065 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 05:11:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34079
x-xss-protection
0
server
cafe
AGSKWxWDi6-tp4SXdrZmYmy0TA1DllCLGvWo02aMZ5BHvG15umf_1UCgCFyrhbI8qdEUc5SSfJugQrSf8ubzDYOQqG-GVQ5wRERl6oi885viTksvvloPg0zi0FEis5pIknPVuhUelOuzPg==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWDi6-tp4SXdrZmYmy0TA1DllCLGvWo02aMZ5BHvG15umf_1UCgCFyrhbI8qdEUc5SSfJugQrSf8ubzDYOQqG-GVQ5wRERl6oi885viTksvvloPg0zi0FEis5pIknPVuhUelOuzPg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNjM0NjczLDM0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbWJlcnMtYWlybGluZS1oaWdoLWhvcGVzLmVuLnVwdG9kb3duLmNvbS9hbmRyb2lkIixudWxsLFtbOCwiXzlFZHFWNmNIWlUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg4MjQ3XSxudWxsLDEyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMwN_1lH2pRZUGwxJHf1krQmKb2QnA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bffba10fe0be39a244d88026418457651fd89a1adc3a762e7f21864c569702cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p6HIHyhVWVlGjJR4qsEmfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EM85fZl0AxEUSV1ibgJjh6xVWDiAW4uH4eOXKLjaBFS8_b2FU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0MjDVMzCJLzAAACJlQdQ"
content-security-policy
script-src 'report-sample' 'nonce-p6HIHyhVWVlGjJR4qsEmfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sdk_cmp.js
cdn.cookie-script.com/iabtcf/2.2/
93 KB
24 KB
Script
General
Full URL
https://cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
Requested by
Host: geo.cookie-script.com
URL: https://geo.cookie-script.com/s/a52be48a31f50475bd697e1db8507f9d.js?country=no-is-li-gb-ch-br&state=ca&region=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
60aa9b6dcbfc3ee3ff7273e7c6a313e8e3dc127979d4e5a7fb5f9df67e7083ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-cache-status
HIT
cache-control
max-age=31536000
content-encoding
gzip
etag
"174fd-6280de33d72c3-gzip"
accept-ranges
bytes
access-control-allow-origin
*
content-length
24094
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Fri, 29 Nov 2024 14:19:32 GMT
vary
Accept-Encoding
server
nginx
content-type
application/javascript
x-frame-options
SAMEORIGIN
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=5175773613260800
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
cd5766e75c80e55c207e9ad4386e204701ec2726d1a5a6d4583faf1fd3d5f8d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/json
vary
Origin
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=45je4c40v888089788za200&_p=1733634673130&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=60399952.1733634673&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733634673&sct=1&seg=0&dl=https%3A%2F%2Fambers-airline-high-hopes.en.uptodown.com%2Fandroid&dt=Amber%27s%20Airline%20-%20High%20Hopes%20for%20Android%20-%20Download%20the%20APK%20from%20Uptodown&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=478
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ambers-airline-high-hopes.en.uptodown.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
text/plain
server
Golfe2
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/
497 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

content-encoding
br
etag
6831530709922679929
age
4845
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 03:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 08 Dec 2024 03:50:28 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157012
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: ambers-airline-high-hopes.en.uptodown.com
URL: https://ambers-airline-high-hopes.en.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
7369
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 03:08:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 08 Dec 2024 03:08:24 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
vendor-list.json
cdn.cookie-script.com/iabtcf/2.2/
652 KB
86 KB
XHR
General
Full URL
https://cdn.cookie-script.com/iabtcf/2.2/vendor-list.json
Requested by
Host: cdn.cookie-script.com
URL: https://cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
61d5df864f1aecda2f04de75be6fdf87d75a9613ce04d8fe3c6035a03789160e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-cache-status
HIT
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"a300c-628b6edf06e21"
access-control-allow-origin
*
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sun, 08 Dec 2024 00:00:01 GMT
vary
Accept-Encoding
server
nginx
content-type
application/javascript
x-frame-options
SAMEORIGIN
google-vendors.json
cdn.cookie-script.com/iabtcf/2.2/
142 KB
34 KB
Fetch
General
Full URL
https://cdn.cookie-script.com/iabtcf/2.2/google-vendors.json
Requested by
Host: cdn.cookie-script.com
URL: https://cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
dbe793b6e65adcc3ee546593f4e12a52c834d7502645c60570e1b2e2bb6201b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-cache-status
HIT
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"23991-628b6ee14bf33"
access-control-allow-origin
*
date
Sun, 08 Dec 2024 05:11:13 GMT
last-modified
Sun, 08 Dec 2024 00:00:03 GMT
vary
Accept-Encoding
server
nginx
content-type
application/javascript
x-frame-options
SAMEORIGIN
apstag.js
c.amazon-adsystem.com/aax2/
345 KB
85 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.38.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-38-207.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"812ceba01127f3bf5aede260eaddcd29"
age
2088
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 edfa50bbeda89838b4ee2ce6eaea1b04.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
5Kpl11rym7TuTOK-LlfJP2kS3VgF13gaOfRFsyx4sRJFnWagtwvGgw==
date
Sun, 08 Dec 2024 04:36:26 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P8
x-amz-server-side-encryption
AES256
DFPAudiencePixel;ord=9125622050814722;dc_seg=7386413202
pubads.g.doubleclick.net/activity;dc_iu=/78011819/
42 B
63 B
Image
General
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/78011819/DFPAudiencePixel;ord=9125622050814722;dc_seg=7386413202?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sun, 08 Dec 2024 05:11:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
analytics
consent.cookie-script.com/
47 B
439 B
XHR
General
Full URL
https://consent.cookie-script.com/analytics?action=firstshown&time=1733634673536&script=a52be48a31f50475bd697e1db8507f9d&category=
Requested by
Host: geo.cookie-script.com
URL: https://geo.cookie-script.com/s/a52be48a31f50475bd697e1db8507f9d.js?country=no-is-li-gb-ch-br&state=ca&region=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.196.14.222 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
774fca9da0d2852937388752ba70d2f1a1e7bc7f9261dc6d52a12afc7716f171

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

x-amz-apigw-id
CdOR0GH3joEEnqw=
x-amzn-trace-id
Root=1-67552a71-439b11db6e7244a63795c940;Parent=17b677b46b239e8b;Sampled=0;Lineage=1:a8669a4e:0
x-amzn-requestid
3541d7dd-057f-47ac-bd74-17f32c593e05
via
1.1 c3919dfed58c39e6da91faec1344110c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
47
x-amz-cf-id
s68WlCWtq0A4zgocYRIPVrlrfj_N4c6SnPBq0XlerVCF2oOVHSQu4Q==
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/json
x-amz-cf-pop
AMS58-P3
server
nginx
cookie-pixel.gif
www.uptodown.com/
35 B
174 B
Image
General
Full URL
https://www.uptodown.com/cookie-pixel.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfd2d78ecbf22c168ce6b2f16d92b89871fe94774ae8d0887efe5b53cfe5dd0c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

strict-transport-security
max-age=300
vary
Accept-Encoding
cache-control
no-cache, public, max-age=300,private
pragma
no-cache
x-timer
S1733634674.567622,VS0,VE43
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/gif
x-served-by
cache-lin1730064-LIN, cache-lin1730052-LIN
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
192fef0f1f45db7d0c7cb91298b7865444e93d787ab80f9e7d16f062ed72e0fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ccbcc3b899abfc282dadce5b52a66abd23a93fd86e7d4ae0a5251f806c4cb49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5464b6081d981aaf8905d8d449596aa2124761c70a8d5703caefe67634ae2de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
ambers-airline-high-hopes.en.uptodown.com/
15 KB
15 KB
Other
General
Full URL
https://ambers-airline-high-hopes.en.uptodown.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8643d0b3c6a1d291b37e372b5413a1d82565e2b753fe42599a18a29cb6eb4368
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/android

Response headers

etag
"67346628-3c2e"
age
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS, MISS
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
image/x-icon
vary
Accept-Encoding
x-served-by
cache-lin1730057-LIN, cache-lin1730052-LIN
last-modified
Wed, 13 Nov 2024 08:41:12 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0, 0
strict-transport-security
max-age=300
cache-control
public, max-age=31536000,private
x-timer
S1733634674.564013,VS0,VE49
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
15406
d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5
config.aps.amazon-adsystem.com/configs/
563 B
839 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
2ce707b9cc8f87ab2693683116f7c574a84b9fcc99b6a24c36abf2c6b7f4baf8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

cache-control
max-age=3600
age
1696
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
Xl-9iET2qhzSbttT2ysNBFgZ28Xn7rMPRFYNBRjf4_GM2q2kfcbWxA==
date
Sun, 08 Dec 2024 04:42:57 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fambers-airline-high-hopes.en.uptodown.com&pubid=d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.38.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-38-207.fra56.r.cloudfront.net
Software
Server /
Resource Hash
88436da2c740e75470aa9863f5e80d8eea7cded8fe66a70c642de23fd297b102

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 edfa50bbeda89838b4ee2ce6eaea1b04.cloudfront.net (CloudFront)
access-control-allow-origin
https://ambers-airline-high-hopes.en.uptodown.com
x-cache
Miss from cloudfront
content-length
2196
x-amz-cf-id
NtRXmUBxZt0QljmPEXSQgEzRhjy7sdfeb4kQfnmSLMRN4CcZ1PaLxQ==
date
Sun, 08 Dec 2024 05:11:13 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P8
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.38.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-38-207.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ambers-airline-high-hopes.en.uptodown.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
7433
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
_cm5JgYQldKsAj7iwvhvy9iDf-EQ_IRT12Z8puYYcyUBBpOO7HSThw==
date
Sun, 08 Dec 2024 03:07:21 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=ioZBIT6z-UOBu6GRz5T-93a4adca53&w=6320147589758976&o=5175773613260800&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fambers-airline-high-hopes.en.uptodown.com%2Fandroid&sid=VsmETughzA-rCYUXWAGn2-93a4adca53&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers