URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Submission: On January 15 via manual from PT — Scanned from PT

Summary

This website contacted 23 IPs in 7 countries across 19 domains to perform 59 HTTP transactions. The main IP is 99.86.4.91, located in United States and belongs to AMAZON-02, US. The main domain is www.afar.com. The Cisco Umbrella rank of the primary domain is 60942.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 16th 2024. Valid for: a year.
This is the only time www.afar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 99.86.4.91 16509 (AMAZON-02)
1 142.250.185.138 15169 (GOOGLE)
10 18.244.18.23 16509 (AMAZON-02)
2 104.17.247.203 13335 (CLOUDFLAR...)
12 104.18.86.42 13335 (CLOUDFLAR...)
3 172.217.16.194 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 172.217.18.8 15169 (GOOGLE)
1 95.100.110.94 20940 (AKAMAI-AS...)
1 142.250.184.227 15169 (GOOGLE)
3 142.250.184.228 15169 (GOOGLE)
1 104.18.32.137 13335 (CLOUDFLAR...)
1 142.250.186.35 15169 (GOOGLE)
1 184.28.88.244 16625 (AKAMAI-AS)
6 54.225.81.217 14618 (AMAZON-AES)
2 178.250.1.11 44788 (ASN-CRITE...)
2 162.19.138.119 16276 (OVH OVH SAS)
1 52.212.180.213 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 185.64.190.82 62713 (AS-PUBMATIC)
1 52.36.224.135 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH OVH SAS)
59 23
Apex Domain
Subdomains
Transfer
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
150 KB
10 brightspotcdn.com
afar.brightspotcdn.com — Cisco Umbrella Rank: 245552
436 KB
7 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1040
postrelease.com — Cisco Umbrella Rank: 922
4 KB
5 afar.com
www.afar.com — Cisco Umbrella Rank: 60942
57 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
986 B
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
211 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
371 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 570
t.pubmatic.com — Cisco Umbrella Rank: 3005
87 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
265 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
60 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
284 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
420 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2708
290 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
306 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4120
188 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
104 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
59 19
Domain Requested by
12 cdn.cookielaw.org www.afar.com
cdn.cookielaw.org
10 afar.brightspotcdn.com www.afar.com
6 jadserve.postrelease.com s.ntv.io
www.afar.com
5 www.afar.com afar.brightspotcdn.com
3 www.google.com www.afar.com
www.gstatic.com
3 securepubads.g.doubleclick.net www.afar.com
securepubads.g.doubleclick.net
2 id5-sync.com ads.pubmatic.com
2 gum.criteo.com ads.pubmatic.com
2 connect.facebook.net www.afar.com
connect.facebook.net
2 unpkg.com www.afar.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 postrelease.com s.ntv.io
1 t.pubmatic.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 ads.pubmatic.com s.ntv.io
1 www.gstatic.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fonts.gstatic.com fonts.googleapis.com
1 s.ntv.io www.afar.com
1 www.googletagmanager.com www.afar.com
1 fonts.googleapis.com www.afar.com
59 22
Subject Issuer Validity Valid
afar.com
Amazon RSA 2048 M03
2024-05-16 -
2025-06-14
a year crt.sh
upload.video.google.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
static.afar-media.production.k3.m1.brightspot.cloud
Amazon RSA 2048 M03
2024-10-22 -
2025-11-21
a year crt.sh
unpkg.com
WE1
2025-01-02 -
2025-04-02
3 months crt.sh
cookielaw.org
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-10-24 -
2025-01-22
3 months crt.sh
*.google-analytics.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
*.gstatic.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.google.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
geolocation.onetrust.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2024-11-27 -
2025-11-30
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2024-09-25 -
2025-10-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-03 -
2025-03-03
3 months crt.sh
id5-sync.com
E6
2024-11-11 -
2025-02-09
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2024-09-08 -
2025-10-08
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
eu-1-id5-sync.com
R11
2024-11-11 -
2025-02-09
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Frame ID: DBB9CB80FB21AEE00BAB3D3B0DB9B37A
Requests: 64 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedSqwUAAAAADgTvm-iYtiOb9VVsdy873ZKR2LT&co=aHR0cHM6Ly93d3cuYWZhci5jb206NDQz&hl=pt-PT&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=g75upk1vnkzy
Frame ID: 766F79090AF0F65228F7D90F1D03A4A3
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 3278744C7E179D806CA8B0378253937A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-PT&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LedSqwUAAAAADgTvm-iYtiOb9VVsdy873ZKR2LT
Frame ID: 1F3B3BA3D55783DFEA9F2705B72DFF26
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

When—and Where—to Celebrate Oktoberfest in 2024 - AFAR

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

22
Subdomains

23
IPs

7
Countries

1643 kB
Transfer

4456 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request when-where-celebrate-oktoberfest
www.afar.com/magazine/
213 KB
42 KB
Document
General
Full URL
https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
istio-envoy / Brightspot
Resource Hash
b420fdf5815d4c9a46f6fb93be10515ea5c4dd1f3ab19bae7594030332689163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
42515
content-type
text/html;charset=UTF-8
date
Wed, 15 Jan 2025 17:34:36 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
O3q9QzsTA2wmmeBbMu4UI-tadD9vkhhxWLr7XgdFwjVGL72A65wiMg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-decorator-operation
brightspot-frontend-verify.afar-media.svc.cluster.local:80/*
x-envoy-upstream-service-time
220
x-powered-by
Brightspot
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..500&display=swap
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
a63d51d2bc783a5533bf21c2611ba1f9f2733265c2b1f2ce8072f8f673cc98b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 15 Jan 2025 17:34:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 17:34:36 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 15 Jan 2025 17:34:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
All.min.6471f1d5e9144c74bc59eddf68cb1097.gz.css
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/
230 KB
32 KB
Stylesheet
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/All.min.6471f1d5e9144c74bc59eddf68cb1097.gz.css
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22854503cff931c7f14894720cb206e891ffc5d0c6eeeb6ad785c6fc8827a26c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
gzip
etag
"64f2cb5051c4f6cc933edd8ec1b4f9cc"
x-amz-version-id
hCssfql0dLbcevKRN7DEkPXLQJW7ruCt
age
4402798
x-cache
Hit from cloudfront
x-amz-cf-id
OEPYmKI3QAr-SKKklCt4qMQ_Ku5sFz1THedfOoA-7RuQqwbadLKtyA==
date
Mon, 25 Nov 2024 18:34:39 GMT
content-type
text/css
last-modified
Mon, 25 Nov 2024 18:34:34 GMT
cache-control
public, max-age=31536000
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
31898
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/webcomponents-loader/
2 KB
1 KB
Script
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
gzip
etag
"15a442be7d06ec40170c3c91ac824065"
x-amz-version-id
tP.w9ggx5WLgWIJxqWXa5wwm0PkwEoPt
age
9071817
x-cache
Hit from cloudfront
x-amz-cf-id
drJLDvkGfPsgKXIqLngz5IsNMnc45SlVxvZEG14KACpmP_zMJWsgEg==
date
Wed, 02 Oct 2024 17:37:40 GMT
content-type
text/javascript
last-modified
Wed, 05 Jun 2024 11:18:54 GMT
cache-control
public, max-age=31536000
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
999
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
All.min.dcbb88a3f5d2414943e3681aa22b8eee.gz.js
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/
57 KB
15 KB
Script
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/All.min.dcbb88a3f5d2414943e3681aa22b8eee.gz.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f26eebb1a32e0208b86d06166334dd0bacf153cc6b698a2fe9706ffe6dcd5143

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
gzip
etag
"9b80e77585fc9527b55820b5f2490362"
x-amz-version-id
KajyGEA.5p9vVAlDylSIR8b95Dxt0PLU
age
6564500
x-cache
Hit from cloudfront
x-amz-cf-id
LyjSr9wxSSCaWy8nOYkotzWvOt6JN0g7MWdzm-qRxEkXJJfRR0_0Vw==
date
Thu, 31 Oct 2024 18:06:17 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 19:00:46 GMT
cache-control
public, max-age=31536000
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15212
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
leaflet.css
unpkg.com/leaflet@1.9.4/dist/
14 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/leaflet.css
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0"
age
643077
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:36 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JH2B6V1E3Q833380YB57XBAR-mad
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
90279e170a20e3d0-LIS
access-control-allow-origin
*
server
cloudflare
leaflet.js
unpkg.com/leaflet@1.9.4/dist/
144 KB
55 KB
Script
General
Full URL
https://unpkg.com/leaflet@1.9.4/dist/leaflet.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"24060-WmQP+GPnkCqMrCzmujfIezBnd2E"
age
297211
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:36 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JHCN1W0BWE4FZ577F3MJCXMY-mad
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
90279e170a24e3d0-LIS
access-control-allow-origin
*
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
TR3+yr7DZCz8Fh2PJMSBjQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD35135A74B0A0
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
39359
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:36 GMT
content-type
application/javascript
last-modified
Wed, 15 Jan 2025 03:18:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
09abf8c2-801e-009e-2e14-67eacd000000
cf-ray
90279e171e7e691d-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
2f7a36a285b875a5fce38e61185efe85d99a08f26c8ee726d7583ff4d1707db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
br
etag
557 / 20103 / m202501090101 / config-hash: 3710577787187166054
x-content-type-options
nosniff
expires
Wed, 15 Jan 2025 17:34:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33962
x-xss-protection
0
server
cafe
/
afar.brightspotcdn.com/dims4/default/2f4325e/2147483647/strip/true/crop/1589x490+0+0/resize/400x123!/quality/90/
5 KB
5 KB
Image
General
Full URL
https://afar.brightspotcdn.com/dims4/default/2f4325e/2147483647/strip/true/crop/1589x490+0+0/resize/400x123!/quality/90/?url=https%3A%2F%2Fk3-prod-afar-media.s3.us-west-2.amazonaws.com%2Fbrightspot%2Fb4%2F62%2F5fb1c1144d6592bd24a9594ac6ed%2Fafar-black.png
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
1f07cc6669e05fd82f67f43cbeb327873b95fceb6d34bc88b97a8157b6b48450

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
max-age=31536000, public
etag
935e562bf8f4dfe474fcf0b9dcae38ec
x-envoy-upstream-service-time
281
age
11368991
x-envoy-decorator-operation
brightspot-dims-verify.afar-media.svc.cluster.local:80/*
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
expires
Sat, 06 Sep 2025 03:31:25 GMT
x-cache
Hit from cloudfront
content-length
5147
x-amz-cf-id
Hl0rNTi2tGkJaNBDOi76AwmLMuYsFC3GXmGN3lL03YcyE1HpP2GbcA==
date
Fri, 06 Sep 2024 03:31:25 GMT
edge-control
downstream-ttl=31536000
content-type
image/png
x-amz-cf-pop
FRA56-P11
server
istio-envoy
/
afar.brightspotcdn.com/dims4/default/7026089/2147483647/strip/true/crop/1920x1080+0+0/resize/400x225!/quality/90/
5 KB
6 KB
Image
General
Full URL
https://afar.brightspotcdn.com/dims4/default/7026089/2147483647/strip/true/crop/1920x1080+0+0/resize/400x225!/quality/90/?url=https%3A%2F%2Fk3-prod-afar-media.s3.us-west-2.amazonaws.com%2Fbrightspot%2Fe1%2Fbf%2F6ba322154ad0b4402422b40c9424%2Fafar-logo.png
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
01d4e9afd27b564c252e6ca67694a8eed3f457bb204985a8606fb42c92d2bd37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
max-age=31536000, public
etag
9c32f857649aca5dad1800a8cb0bf02c
x-envoy-upstream-service-time
4908
age
19372947
x-envoy-decorator-operation
brightspot-dims-verify.afar-media.svc.cluster.local:80/*
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
expires
Thu, 05 Jun 2025 12:12:09 GMT
x-cache
Hit from cloudfront
content-length
5608
x-amz-cf-id
PNy7wcU8dkhUAu3abCOC7ACo8cbFUHPYmlDNUqSZwUfzJ6y2kf3GHg==
date
Wed, 05 Jun 2024 12:12:09 GMT
edge-control
downstream-ttl=31536000
content-type
image/png
x-amz-cf-pop
FRA56-P11
server
istio-envoy
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
5809efb2f7982ed02fe8f0fb6cb23404ec80b9217987b34a7a3887d22a356739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
3MdAPfT1zsUAsK4rHsE11w==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"f104fd0e77b0119ca8bfbdee9458396a"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 15 Jan 2025 17:36:56 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
2502fa5309f7b859c4fc4d6867cb45da
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=77, rtx=0, c=23, mss=1232, tbw=4478, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
buhEoOCkPxETy8E4+Ysl/88xb46PaMEqaOVhhXDgg4d0QGkgpGn3XYg1K82YMS/gTNzbZ9G7EpBCF4PprZj6og==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
deb98973-8077-4f88-b831-c116284d4f09.json
cdn.cookielaw.org/consent/deb98973-8077-4f88-b831-c116284d4f09/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/deb98973-8077-4f88-b831-c116284d4f09/deb98973-8077-4f88-b831-c116284d4f09.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d10af4135e8d72ba05d32bad45745dbe02cb5a3a8cef351b554b215d27b82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
LSNI0xWfOsKhr7VCheURag==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DBB88EE36A7C85
age
7924
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Thu, 16 Jan 2025 17:34:37 GMT
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
last-modified
Mon, 18 Sep 2023 21:33:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
dba7e521-701e-00a9-3090-474662000000
cf-ray
90279e195cbf03da-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1684
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/
338 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KB86KV4
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ef07058f93dfdbf046a92eba5bc5881e266b2fba62d6559f957e8952c771d1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 15 Jan 2025 17:34:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 15 Jan 2025 17:08:14 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105420
x-xss-protection
0
server
Google Tag Manager
load.js
s.ntv.io/serve/
602 KB
188 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.110.94 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-100-110-94.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a1b7c8d47009d4c489a393d14fe77caf4c3c1eb1d6c238102857aca4e83395b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

Content-Encoding
gzip
ETag
"7248d4111d5b38b0697cffcf1ca521e0"
Access-Control-Allow-Methods
GET
Date
Wed, 15 Jan 2025 17:34:37 GMT
Last-Modified
Wed, 18 Dec 2024 20:41:06 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-amz-id-2
zNQErk8zr9zYNIG74Fgi/3S1jpxlRFeNeCaN5+Pj0KrtuDKa8zVmAJV3ARAjwz7NTzs/LfZ8ygQ=
Transfer-Encoding
chunked
Access-Control-Allow-Headers
*
Cache-Control
public, max-age=3600
Connection
keep-alive, Transfer-Encoding
x-amz-request-id
9W51BY9NW12G7TSK
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcef3db293b547b522740810ca1b6fa4dea56a64f4b1c27f76379497f73255d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b35a4c406f7621e0349b7d9fe409877547c91d3a4e50332c6614103c2bb8c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Cambon-Regular.36668093e10b0e6b12fdc79d42b0f048.woff2
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/
49 KB
50 KB
Font
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/Cambon-Regular.36668093e10b0e6b12fdc79d42b0f048.woff2
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75853d0c1946ca0965927a3293d4cf6f3be0c1aa10ed30cba9977d90be00f332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

access-control-max-age
3000
etag
"af28aca249cbaa2f6d7389d270b7f664"
x-amz-version-id
p0cE6pI0XYH6FEitdEp6Ksz1MfT3DrQ8
age
6067356
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
MsdLa5maJ0fGbSzqfp1PYa7PLWTvHDHQDtEcK_5rR1VnVIh64cLeFA==
date
Wed, 06 Nov 2024 12:12:02 GMT
content-type
application/octet-stream
vary
Origin
last-modified
Wed, 05 Jun 2024 11:18:52 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
via
1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.afar.com
content-length
50424
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://fonts.googleapis.com/

Response headers

age
104967
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 14 Jan 2026 12:25:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Jan 2025 12:25:10 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
Cambon-LightItalic.4409ac70fa1101f23d76b1b2011a4794.woff2
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/
58 KB
58 KB
Font
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/Cambon-LightItalic.4409ac70fa1101f23d76b1b2011a4794.woff2
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4324586d54ef8af7400a41d6f7c8182194f12b34289831464824a5a23b6fe6ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

access-control-max-age
3000
etag
"9d8765c96c0da560b235987fb15af001"
x-amz-version-id
3l7vIJKFAJsIZXckDN4sz5pAr_yNX5oC
age
8461979
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
efx-wGcDT-ZXo9DKhXT1wCdC8_g1VHrYnYf-Be-ae1jNBkkOwr9OUg==
date
Wed, 09 Oct 2024 19:01:39 GMT
content-type
application/octet-stream
vary
Origin
last-modified
Wed, 05 Jun 2024 11:18:52 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
via
1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.afar.com
content-length
59032
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
Cambon-Light.76f7ec8403026522c8ca0433845cf519.woff2
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/
53 KB
54 KB
Font
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/Cambon-Light.76f7ec8403026522c8ca0433845cf519.woff2
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d90c1c546b8eb15f2cc3934ca62d72842261c376c696808a4d0e3a07a978be62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

access-control-max-age
3000
etag
"0183315f80890959b3ddc3b411359766"
x-amz-version-id
CeheqDxginAL9uP3QNrkKgn2jifD.EtL
age
7663640
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
b5a9opcFmf2dQInde2gJrHYKbkA1KXGoFkcSIwJOUSCle47xYV6CdA==
date
Sat, 19 Oct 2024 00:47:18 GMT
content-type
application/octet-stream
vary
Origin
last-modified
Wed, 05 Jun 2024 11:18:52 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
via
1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.afar.com
content-length
54204
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8444badc2736d8be425e0e1f239ccc759f6b13a3177fbf6f7f5cab24ae6cbfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76a8f593aee534aa1f3d97b37d4da7fdf9b2f41c3db01df766d74f41947a5dd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
375f417c22b6a34e7499fcbf92ce1b19812054799406ec85c719ac0ce619fbfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b74d8f90a751d3dcd68f9b91856f356a931d4e2536da77b32fd73138d427cc11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02df1ad96662d6b8253fe4ab83ccae1413216f839430f740cf7851ac408763d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce22af6556f51741e04cd0400e809ebf501211e604357c766184f6594a232355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
api.js
www.google.com/recaptcha/
1 KB
986 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
ESF /
Resource Hash
d9009929e7e5ec12dbe9382c3e13e84c9f3d313c4cac1f74cea2458aacf54717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 15 Jan 2025 17:34:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 15 Jan 2025 17:34:37 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
Ayer-Regular-Web.bc87cc9c7b9dd30e6c94901f39f4c320.woff2
afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/assets/fonts/Ayer-Regular-Web.bc87cc9c7b9dd30e6c94901f39f4c320.woff2
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ba50672df8ef411a26f0b0e7009636a270137fd708b581ed93a0ba3fb9931f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

access-control-max-age
3000
etag
"2973c073c82885e504cd7d12e962cd79"
x-amz-version-id
CKBzop1.BpvqDeI2NFTipmTf0E3Pfczl
age
11398042
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
3tiZAIRt87aJ9JoSizxwGiEEOUOsW7NdIjdW6tJc-KMOrPuRLOPsfQ==
date
Thu, 05 Sep 2024 19:27:15 GMT
content-type
application/octet-stream
vary
Origin
last-modified
Wed, 05 Jun 2024 11:18:52 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
via
1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.afar.com
content-length
22369
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
773.89d0e1ac31413b50ca3d.js
www.afar.com/styleguide/chunk/
11 KB
4 KB
Script
General
Full URL
https://www.afar.com/styleguide/chunk/773.89d0e1ac31413b50ca3d.js
Requested by
Host: afar.brightspotcdn.com
URL: https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/All.min.dcbb88a3f5d2414943e3681aa22b8eee.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f79cebc06cefbdf8634669ff3877a441757da7945f33a845edc5769f49bf8945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/magazine/when-where-celebrate-oktoberfest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=300
content-encoding
gzip
x-envoy-upstream-service-time
17
age
299
x-envoy-decorator-operation
brightspot-frontend-verify.afar-media.svc.cluster.local:80/*
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
3493
x-amz-cf-id
LiN2NbMy__9Ep_lOeFG6hzOFsWxP7SDM9SHQss_LruuLqMmkIYsH6Q==
date
Wed, 15 Jan 2025 17:29:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
server
istio-envoy
x-amz-cf-pop
FRA6-C1
442.ba5356d1c31704fc8e27.js
www.afar.com/styleguide/chunk/
32 KB
9 KB
Script
General
Full URL
https://www.afar.com/styleguide/chunk/442.ba5356d1c31704fc8e27.js
Requested by
Host: afar.brightspotcdn.com
URL: https://afar.brightspotcdn.com/resource/00000180-65d5-d5af-abae-f7f545ca0000/styles/style-1/All.min.dcbb88a3f5d2414943e3681aa22b8eee.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f61f191c3a7e878e8e01858067a926a3b8f9a31eab073624e354c78fee1a89a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/magazine/when-where-celebrate-oktoberfest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=300
content-encoding
gzip
x-envoy-upstream-service-time
16
age
299
x-envoy-decorator-operation
brightspot-frontend-verify.afar-media.svc.cluster.local:80/*
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
8521
x-amz-cf-id
r3WkFRnLVhObHkuizhKUXfuBzTkSktRUzMdEQxBqGTc9tVBBzz1ZFA==
date
Wed, 15 Jan 2025 17:29:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
server
istio-envoy
x-amz-cf-pop
FRA6-C1
/
afar.brightspotcdn.com/dims4/default/2c55ab7/2147483647/strip/true/crop/3000x2000+0+0/resize/900x600!/format/webp/quality/90/
191 KB
192 KB
Image
General
Full URL
https://afar.brightspotcdn.com/dims4/default/2c55ab7/2147483647/strip/true/crop/3000x2000+0+0/resize/900x600!/format/webp/quality/90/?url=https%3A%2F%2Fk3-prod-afar-media.s3.us-west-2.amazonaws.com%2Fbrightspot%2F56%2Ff2%2Fccdca0d14a49b25de2071a5e802d%2Fshutterstock-2375702767.jpg
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-23.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e698031cbb215ce1c00d1b4a5bece1acc70586ebacef0cc0ca9e491bd58235ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
max-age=31536000, public
etag
35a6e5e032759d5b840fe5fdfde99a8e
x-envoy-upstream-service-time
666
x-envoy-decorator-operation
brightspot-dims-verify.afar-media.svc.cluster.local:80/*
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
expires
Thu, 15 Jan 2026 17:34:38 GMT
x-cache
Miss from cloudfront
content-length
196090
x-amz-cf-id
bK5rrYfUJMyGx39GmQi4OBGCptgNtEZQfAJDHsGEnWogbWE-XMduzA==
date
Wed, 15 Jan 2025 17:34:38 GMT
edge-control
downstream-ttl=31536000
content-type
image/webp
x-amz-cf-pop
FRA56-P11
server
istio-envoy
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
67 B
306 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91c4b4bcabca42e67bdb3f2fdfe9f52017b9b67111bff940ce2bcc4b7064abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.afar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
90279e1a5bd36930-LIS
access-control-allow-origin
*
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
sdk.js
connect.facebook.net/en_US/
254 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=683c0e334a6c30d37f14c17abdc76972
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f15ab895c5b88ed2884e19548b155970cd87c921bcb8b4460e8bc3a3e99ee35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

content-md5
HEZfZzOPBECAEYZA2PiJ6w==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"c47f9e580ed7f1a068accefafec7431b"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 16:41:13 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
fb49c0a97c7fbff3766110fb1c8522fd
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug
mcG7xCemlN90ywk2pOki4/pwymtpCwXrAmMu/2kZk/APRh0EcJkwPoSt47ssYCPhOFLkbhEB5qjwulfFVfphbA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76640
origin-agent-cluster
?1
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/
548 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cb840e53de106050cb9e87fd2f13994a1039f69e0c5bcb4c01080bde2e3afa85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.afar.com
Referer
https://www.afar.com/

Response headers

content-encoding
gzip
age
21846
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 11:30:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 11:30:31 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221956
x-xss-protection
0
server
sffe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501090101/
499 KB
155 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
e7642c7c3463389469603976cf177950c10d209eab60eae7000de04ff3b7b4fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-encoding
br
etag
6069374810144360343
age
14763
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 13:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 13:28:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
158760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202501140101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202501140101/gpt
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
50877dd41cc4274949ec5c86d5ad8434fcc465fa0ef1e66f249df2ca9ecb85fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
17390002121688673161
age
7407
x-content-type-options
nosniff
expires
Thu, 16 Jan 2025 15:31:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 15:31:10 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22937
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202501140101"
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.1.0/
383 KB
92 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
9qSRvp3H9roScfT6qXUxeQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DADEA07933BD54
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
49907
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/javascript
last-modified
Thu, 15 Dec 2022 13:30:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
74f27921-501e-00f1-3f3e-5b4219000000
cf-ray
90279e1acc50691d-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
93485
x-ms-blob-type
BlockBlob
server
cloudflare
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156500/13793/
274 KB
87 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
max-age=77689
content-encoding
gzip
expires
Thu, 16 Jan 2025 15:09:26 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
88884
date
Wed, 15 Jan 2025 17:34:37 GMT
last-modified
Mon, 15 Jul 2024 19:01:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
en.json
cdn.cookielaw.org/consent/deb98973-8077-4f88-b831-c116284d4f09/d9e7ac55-de47-48bc-a7c6-d72e3e75f56e/
102 KB
20 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/deb98973-8077-4f88-b831-c116284d4f09/d9e7ac55-de47-48bc-a7c6-d72e3e75f56e/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fd16ebf05831646ba0a186ca2b9e0fd2a8471fd5f15ffa748cb16a33938a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
/CqZAlbxfllaYM9+UAgo4g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DBB88EEB9F326D
age
45593
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Thu, 16 Jan 2025 17:34:37 GMT
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
last-modified
Mon, 18 Sep 2023 21:33:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
58a82494-001e-000c-204c-267d7b000000
cf-ray
90279e1be80c03da-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
20320
x-ms-blob-type
BlockBlob
server
cloudflare
t
jadserve.postrelease.com/
5 KB
2 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.afar.com%2Fmagazine%2Fwhen-where-celebrate-oktoberfest&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
763d5ed24a2e360c79ac5cd43cef6865d18d5c2de4955e3561e11c43a9949e26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
1741
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
text/javascript;charset=UTF-8
server
nginx
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
e46v9E9tm8neLGw2SIjXTA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DADEA0743223DD
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
13292
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
last-modified
Thu, 15 Dec 2022 13:29:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
0e68a871-c01e-0011-7f5c-0ba491000000
cf-ray
90279e1c88ee03da-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
3020
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
DNL7D9cwlU7yFZUg2W8ZNA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DADEA0758F35B0
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
5121
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
last-modified
Thu, 15 Dec 2022 13:29:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
03b43b17-401e-003e-4e00-23aefc000000
cf-ray
90279e1c88f103da-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
12540
x-ms-blob-type
BlockBlob
server
cloudflare
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
mKXyB0i0e/ovyyYLJHrm7w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DADEA07546ECE3
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
45593
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json
last-modified
Thu, 15 Dec 2022 13:29:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
b8e31128-e01e-002f-033d-4512b0000000
cf-ray
90279e1c88f203da-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1767
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e742a29ab02f35ebd0fe4d7e3b929faca09ab1f0282415406dcb4e0486253f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
XcxlleAcPGO2n5kTZrHH2Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
7923
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=21721
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
text/css
last-modified
Thu, 15 Dec 2022 13:30:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
b0d5150a-d01e-0013-1400-231d8f000000
cf-ray
90279e1c88f403da-LIS
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
601 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
33254
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
image/svg+xml
last-modified
Wed, 15 Jan 2025 03:19:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
52ad46a9-001e-008f-7d0e-67ddd6000000
cf-ray
90279e1d2fb6691d-LIS
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
533 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
image/svg+xml
last-modified
Wed, 15 Jan 2025 03:19:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
54ff61eb-a01e-00cd-2e17-67f6c2000000
cf-ray
90279e1d29a303da-LIS
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DD35135BD59B41
age
33895
cf-cache-status
HIT
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
image/png
last-modified
Wed, 15 Jan 2025 03:19:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
8830c174-601e-0053-2d11-678f85000000
cf-ray
90279e1d3fdf691d-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
605
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
image/svg+xml
last-modified
Wed, 15 Jan 2025 03:19:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
361863cc-201e-0032-1009-67cb5a000000
cf-ray
90279e1d3fe6691d-LIS
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
anchor
www.google.com/recaptcha/api2/ Frame 766F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedSqwUAAAAADgTvm-iYtiOb9VVsdy873ZKR2LT&co=aHR0cHM6Ly93d3cuYWZhci5jb206NDQz&hl=pt-PT&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=g75upk1vnkzy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__pt_pt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ekMAgAfuUmcshMBX9ptmGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ekMAgAfuUmcshMBX9ptmGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jan 2025 17:34:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.afar.com%2F&domain=www.afar.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.afar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.afar.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 15 Jan 2025 17:34:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
235702
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
371 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.afar.com%2F&domain=www.afar.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.afar.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
202030
expires
0
access-control-allow-origin
https://www.afar.com
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
prebid
id5-sync.com/api/config/
194 B
661 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.afar.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.afar.com
p3p
CP="CAO PSA OUR"
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
43 B
290 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?c=17207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.180.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-180-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.afar.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.afar.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
application/json;charset=utf-8
x-server
10.45.26.118
rid
match.adsrvr.org/track/
63 B
420 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
98fc9926f001a89e637a981cdb6482f279060996af7f5619826827e32cfa2b5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.afar.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Fri, 14 Feb 2025 17:34:38 GMT
access-control-allow-origin
https://www.afar.com
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
wl
t.pubmatic.com/
17 B
180 B
Fetch
General
Full URL
https://t.pubmatic.com/wl?pubid=156500
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://www.afar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.afar.com
content-length
17
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
text/plain; charset=utf-8
trk.gif
jadserve.postrelease.com/
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8817479&ntv_pl=1248671
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
image/gif
server
nginx
topics.html
postrelease.com/iframes/ Frame 3278
0
0
Document
General
Full URL
https://postrelease.com/iframes/topics.html
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.afar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
582
content-type
text/html
date
Wed, 15 Jan 2025 17:34:38 GMT
etag
"ec22fdd2cd0ccf11c7761864efa96c06"
last-modified
Fri, 15 Mar 2024 21:34:47 GMT
server
AmazonS3
x-amz-id-2
h2QzxvbvzzwJTiRbMwVgqBWjPvkawXOMcghuhnt+oi5IzXXNeezSyN3Qq22nccvvBE3Gwwk9Dys=
x-amz-request-id
3PK7DD315WSQP5BH
x-amz-server-side-encryption
AES256
trk.gif
jadserve.postrelease.com/
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=2acf47b3-035f-4b7c-a59c-83beb008c82e&ntv_fl=it3KKGBU5hlBAaJIuV3Y6YvGhJFQAgWc_YCSGjRoKIC5p-LTzu-flCBqsxoSzDrrsNpYqsIGFzZfFLIZP3QLs4bMvgzcJZTVvBOI5eIbF5hpeH8LmQPPYIul9ICl-ZJjEcoaFQZMYR7W-8O7x5IkwIDCJAzZ3eqPYeIVs_XcxGwxuR4BYlIMYJAcZTOlSZa-CltUJhFxoeWbDQdOj_PJFWXEC_N5_vVd0iq2AsG5OcxTEY4wAUNc7JX6gHnTtbcVS82oxavPNNWfkCFRNXOpp2QpSOHHk2vRtyoNqkMrls8OXCLd-QYMmE6IU4dzFnb6Lb7fRoz0ABiDfZd3p2dm4AtwfqdxKnKSdBYKUiKEJqU=&ntv_ht=rfGHZwA&ntv_at=303,302&ntv_a=AAAAAAAAAAoQ0TA&ord=1736962477970&ntv_it
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
image/gif
server
nginx
trk.gif
jadserve.postrelease.com/
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=39fb3350-52b7-4a5b-88b6-7caa3a7efcbf&ntv_fl=yoFiO1gNhZAcl2OiegC6L5GFAIqfJ3Zd1DKaHFf0NcAdomtPTOJQI9N-5Q3aEyYpibGIIWg5bmdCVkS35IiNKrEfUFAFP59Pfp0mFBo5gCyAmLnFuS2r_Yx2sVRBZRy2zTWhMsUvPaUXAZWixrjOlaDsw5l6jLCoQKWhHNUPb2OEFaQyIJH00obd17iiDwjNj7Os4Tpav9n9jUFUL1gUCsAQSDoSvpZ9lO0KPRYvdQ5MvxIAfJEMCxBNxeOgY6P9NpUPkLA1w2fURGahJTTNBOnN7mpb99VH5Xgs73LdVNVXFB0WsdxLVkdxA9pB1AHnLyaRJm7PS0To62Wpr7gagOyvnSzTaM2Vqm-62eobCio=&ntv_ht=rfGHZwA&ntv_at=303&ntv_a=AAAAAAAAAAoA0TA&ord=1736962477972&ntv_it
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
image/gif
server
nginx
trk.gif
jadserve.postrelease.com/
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=309c96d4-533a-4d95-ad8c-c3cb4abb2c07&ntv_fl=C77vgQdMSoPgD4QeTVlQViy-ivZvPIR5FU4t_Ry7JgWTgVA_Y0nm_pjvo4KwxLSyf-nzltxaOYbHKHHv_3syk_cJZmO8qO4najqqqCsYWyk1D6vDOuoDfmWZOrfWODTytp5bIoNM4XRqyNnsVUfpT8c5A6oLN2nHwNnKt1Y0QpD57msgmh3n9MPwqXo2mJmKZVwaahC_GyU-KRH-CWX6NroeJDvGdvbQtzgk7CNFIMEB70dBVV8JfQBcFGrcyCmi5HzoZCHTGEaiA0vlOrGFdK2ZGJkKeiANQfF1mMl-Kmwfj6CzxKfsjNxMgmhmh7T7iilfYyjOMd20UvHkekRZwBBpgoId7_tlNbuKj9ie0xM=&ntv_ht=rfGHZwA&ntv_at=303&ntv_a=AAAAAAAAAAnw0TA&ord=1736962477972&ntv_it
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
image/gif
server
nginx
privacyConsent
jadserve.postrelease.com/
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1248673&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.afar.com
URL: https://www.afar.com/magazine/when-where-celebrate-oktoberfest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.81.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-81-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
image/gif
server
nginx
v1
lb.eu-1-id5-sync.com/lb/
45 B
284 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a5c19e9cba72c59a1440aed7805f13c2cb8a804b881061920c10d257662b8fba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.afar.com
date
Wed, 15 Jan 2025 17:34:37 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
429.json
id5-sync.com/g/v2/
385 B
577 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
028a6227ab1f5b1035b1ea97642a4b3c85d60d01649e5be29b461554344c9c45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.afar.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.afar.com
date
Wed, 15 Jan 2025 17:34:38 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
bframe
www.google.com/recaptcha/api2/ Frame 1F3B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=pt-PT&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LedSqwUAAAAADgTvm-iYtiOb9VVsdy873ZKR2LT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__pt_pt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XK_XVYCB6eJPGxfSpSb1Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XK_XVYCB6eJPGxfSpSb1Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jan 2025 17:34:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon-16x16.png
www.afar.com/
487 B
936 B
Other
General
Full URL
https://www.afar.com/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ae91904f5af1421191e6cf303b1f1f7161fed81dd098b59683f1c76054c2780c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/magazine/when-where-celebrate-oktoberfest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-upstream-service-time
70
age
295
x-envoy-decorator-operation
brightspot-frontend-verify.afar-media.svc.cluster.local:80/*
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
510
x-amz-cf-id
4_5ujuO-8fjuJkXs7lXw4u1Rcc7NFuOnUSEbSxCABHN3-JwsCzPHYQ==
date
Wed, 15 Jan 2025 17:29:43 GMT
content-type
image/png;charset=UTF-8
vary
Accept-Encoding
server
istio-envoy
x-amz-cf-pop
FRA6-C1
favicon-32x32.png
www.afar.com/
833 B
1 KB
Other
General
Full URL
https://www.afar.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ec1e190131313f0138a3190e64520ba09a735c35463650c10523219ff1e72b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.afar.com/magazine/when-where-celebrate-oktoberfest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-upstream-service-time
75
age
254
x-envoy-decorator-operation
brightspot-frontend-verify.afar-media.svc.cluster.local:80/*
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
856
x-amz-cf-id
-MUHLw_jCub12EQ9QLCL9gEGwRb7-OQjyD_M6e0FoRbsGInCcsnOvg==
date
Wed, 15 Jan 2025 17:30:24 GMT
content-type
image/png;charset=UTF-8
vary
Accept-Encoding
server
istio-envoy
x-amz-cf-pop
FRA6-C1

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| brightspotDataLayer object| WebComponents object| head object| script object| leaflet object| L function| fbAsyncInit function| OptanonWrapper object| dataLayer function| recaptchaLoaded function| recaptchaEnable function| recaptchaDisable object| webpackChunkbrightspot_theme_core function| unfocus function| bspDfp object| OtTrustedType object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| otStubData object| google_tag_manager function| trackHoverIntent function| onYouTubeIframeAPIReady object| __buffer number| ntvLoadStart object| ntv object| prdom object| ntvValidTopWindow object| onFocusEvents object| ntvData function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| Nativo object| PostRelease object| ntvToutAds boolean| onFocus object| google_reactive_ads_global_state object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups object| recaptcha object| closure_lm_691842 object| ihowpbjsChunk object| ihowpbjs object| regeneratorRuntime object| IHPWT string| partnerName string| key

7 Cookies

Domain/Path Name / Value
.afar.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jan+15+2025+16%3A34%3A37+GMT-0100+(Hora+padr%C3%A3o+dos+A%C3%A7ores)&version=202211.1.0&isIABGlobal=false&hosts=&consentId=ae01891c-93af-47c1-97f2-1627bb3be66a&interactionCount=0&landingPath=https%3A%2F%2Fwww.afar.com%2Fmagazine%2Fwhen-where-celebrate-oktoberfest&groups=C0004%3A0%2CC0002%3A0%2CC0001%3A1%2CC0003%3A0
.afar.com/ Name: _pubcid
Value: 01bda189-7c5f-4349-ba7e-35e925f4d7ee
.afar.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.postrelease.com/ Name: opt_out
Value: 1
.id5-sync.com/ Name: id5
Value: ee11b8ab-9f5d-742c-95aa-066e87c3c87b#1736962477976#1
www.afar.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222025-01-15T17%3A34%3A38%22%7D
www.afar.com/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
afar.brightspotcdn.com
cdn.cookielaw.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
id.crwdcntrl.net
id5-sync.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
match.adsrvr.org
postrelease.com
s.ntv.io
securepubads.g.doubleclick.net
t.pubmatic.com
unpkg.com
www.afar.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.247.203
104.18.32.137
104.18.86.42
142.250.184.227
142.250.184.228
142.250.185.138
142.250.186.35
15.197.193.217
157.240.0.6
162.19.138.117
162.19.138.119
172.217.16.194
172.217.18.8
178.250.1.11
18.244.18.23
184.28.88.244
185.64.190.82
52.212.180.213
52.36.224.135
54.225.81.217
95.100.110.94
99.86.4.91
01d4e9afd27b564c252e6ca67694a8eed3f457bb204985a8606fb42c92d2bd37
01fd16ebf05831646ba0a186ca2b9e0fd2a8471fd5f15ffa748cb16a33938a84
028a6227ab1f5b1035b1ea97642a4b3c85d60d01649e5be29b461554344c9c45
02df1ad96662d6b8253fe4ab83ccae1413216f839430f740cf7851ac408763d4
0b35a4c406f7621e0349b7d9fe409877547c91d3a4e50332c6614103c2bb8c62
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67
1ba50672df8ef411a26f0b0e7009636a270137fd708b581ed93a0ba3fb9931f6
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f07cc6669e05fd82f67f43cbeb327873b95fceb6d34bc88b97a8157b6b48450
22854503cff931c7f14894720cb206e891ffc5d0c6eeeb6ad785c6fc8827a26c
2f7a36a285b875a5fce38e61185efe85d99a08f26c8ee726d7583ff4d1707db3
375f417c22b6a34e7499fcbf92ce1b19812054799406ec85c719ac0ce619fbfc
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
4324586d54ef8af7400a41d6f7c8182194f12b34289831464824a5a23b6fe6ba
43d10af4135e8d72ba05d32bad45745dbe02cb5a3a8cef351b554b215d27b82e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
50877dd41cc4274949ec5c86d5ad8434fcc465fa0ef1e66f249df2ca9ecb85fc
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
5809efb2f7982ed02fe8f0fb6cb23404ec80b9217987b34a7a3887d22a356739
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
75853d0c1946ca0965927a3293d4cf6f3be0c1aa10ed30cba9977d90be00f332
763d5ed24a2e360c79ac5cd43cef6865d18d5c2de4955e3561e11c43a9949e26
76a8f593aee534aa1f3d97b37d4da7fdf9b2f41c3db01df766d74f41947a5dd5
7a1b7c8d47009d4c489a393d14fe77caf4c3c1eb1d6c238102857aca4e83395b
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
98fc9926f001a89e637a981cdb6482f279060996af7f5619826827e32cfa2b5f
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a5c19e9cba72c59a1440aed7805f13c2cb8a804b881061920c10d257662b8fba
a63d51d2bc783a5533bf21c2611ba1f9f2733265c2b1f2ce8072f8f673cc98b2
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
a8444badc2736d8be425e0e1f239ccc759f6b13a3177fbf6f7f5cab24ae6cbfa
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ae91904f5af1421191e6cf303b1f1f7161fed81dd098b59683f1c76054c2780c
b420fdf5815d4c9a46f6fb93be10515ea5c4dd1f3ab19bae7594030332689163
b74d8f90a751d3dcd68f9b91856f356a931d4e2536da77b32fd73138d427cc11
cb840e53de106050cb9e87fd2f13994a1039f69e0c5bcb4c01080bde2e3afa85
ce22af6556f51741e04cd0400e809ebf501211e604357c766184f6594a232355
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
d9009929e7e5ec12dbe9382c3e13e84c9f3d313c4cac1f74cea2458aacf54717
d90c1c546b8eb15f2cc3934ca62d72842261c376c696808a4d0e3a07a978be62
d91c4b4bcabca42e67bdb3f2fdfe9f52017b9b67111bff940ce2bcc4b7064abc
db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a
dcef3db293b547b522740810ca1b6fa4dea56a64f4b1c27f76379497f73255d9
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e698031cbb215ce1c00d1b4a5bece1acc70586ebacef0cc0ca9e491bd58235ce
e742a29ab02f35ebd0fe4d7e3b929faca09ab1f0282415406dcb4e0486253f5c
e7642c7c3463389469603976cf177950c10d209eab60eae7000de04ff3b7b4fe
ec1e190131313f0138a3190e64520ba09a735c35463650c10523219ff1e72b39
ef07058f93dfdbf046a92eba5bc5881e266b2fba62d6559f957e8952c771d1dd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f15ab895c5b88ed2884e19548b155970cd87c921bcb8b4460e8bc3a3e99ee35c
f26eebb1a32e0208b86d06166334dd0bacf153cc6b698a2fe9706ffe6dcd5143
f61f191c3a7e878e8e01858067a926a3b8f9a31eab073624e354c78fee1a89a8
f79cebc06cefbdf8634669ff3877a441757da7945f33a845edc5769f49bf8945
ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b