barleflorian.com Open in urlscan Pro
109.238.12.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://barleflorian.com/wp-admin/network/kaltoon/authen
Submission: On April 01 via automatic, source openphish (April 1st 2023, 12:29:31 am UTC) — Scanned from FR

Summary HTTP 135 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 31 domains to perform 135 HTTP transactions. The main IP is 109.238.12.156, located in France and belongs to IKOULA, FR. The main domain is barleflorian.com.
TLS certificate: Issued by R3 on March 15th 2023. Valid for: 3 months.

This is the only time barleflorian.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cox (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4 8	109.238.12.156 109.238.12.156	21409 (IKOULA) (IKOULA)
2	162.247.243.30 162.247.243.30	54113 (FASTLY) (FASTLY)
1	54.69.177.37 54.69.177.37	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.77 18.66.112.77	16509 (AMAZON-02) (AMAZON-02)
16	18.66.147.25 18.66.147.25	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7 23	45.60.47.167 45.60.47.167	19551 (INCAPSULA) (INCAPSULA)
2	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1	3.13.67.214 3.13.67.214	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:223... 2600:9000:223e:8400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.147.97 18.66.147.97	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	108.138.7.55 108.138.7.55	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	52.41.47.191 52.41.47.191	16509 (AMAZON-02) (AMAZON-02)
1	44.239.247.221 44.239.247.221	16509 (AMAZON-02) (AMAZON-02)
1 2	52.210.192.50 52.210.192.50	16509 (AMAZON-02) (AMAZON-02)
1	64.185.227.155 64.185.227.155	18450 (WEBNX) (WEBNX)
1 9	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	34.243.128.137 34.243.128.137	16509 (AMAZON-02) (AMAZON-02)
2	146.75.121.230 146.75.121.230	54113 (FASTLY) (FASTLY)
1	108.138.17.90 108.138.17.90	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:9a00:7:4902:e200:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.193.189.214 34.193.189.214	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.1.244.191 52.1.244.191	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.0.245.167 52.0.245.167	14618 (AMAZON-AES) (AMAZON-AES)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
135	41

8 109.238.12.156 (France) 4 redirects

ASN21409 (IKOULA, FR)
PTR: frhb68273ds.ikexpress.com

barleflorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.30 (United States)

ASN54113 (FASTLY, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.177.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-40.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-77.fra56.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.147.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-25.fra60.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.60.47.167 (United States) 7 redirects

ASN19551 (INCAPSULA, US)

webcdn3.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcdn.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcdn2.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcdn4.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcdn1.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

smetrics.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.67.214 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-67-214.us-east-2.compute.amazonaws.com

collector-8132.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:8400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-97.fra60.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-55.fra56.r.cloudfront.net

dds6m601du5ji.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.47.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-35.boldchat.com

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.247.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-36.boldchat.com

images.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.192.50 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-192-50.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.128.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-128-137.eu-west-1.compute.amazonaws.com

target.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.121.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

resources.digital-cloud.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-90.fra56.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9a00:7:4902:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.rageagainstthesoap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.193.189.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-189-214.compute-1.amazonaws.com

brain.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

en.rageagainstthesoap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.244.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-244-191.compute-1.amazonaws.com

analytics.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.245.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-245-167.compute-1.amazonaws.com

s-vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	cox.com 7 redirects webcdn3.cox.com — Cisco Umbrella Rank: 386687 webcdn.cox.com — Cisco Umbrella Rank: 93411 smetrics.cox.com — Cisco Umbrella Rank: 119325 webcdn2.cox.com — Cisco Umbrella Rank: 253656 webcdn4.cox.com — Cisco Umbrella Rank: 882513 webcdn1.cox.com www.cox.com — Cisco Umbrella Rank: 66420 target.cox.com — Cisco Umbrella Rank: 148232	403 KB
25	foresee.com gateway.foresee.com — Cisco Umbrella Rank: 5751 brain.foresee.com — Cisco Umbrella Rank: 10275 analytics.foresee.com — Cisco Umbrella Rank: 7182	168 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 433	151 KB
10	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	30 KB
8	rageagainstthesoap.com d.rageagainstthesoap.com — Cisco Umbrella Rank: 72582 en.rageagainstthesoap.com — Cisco Umbrella Rank: 57831	34 KB
8	barleflorian.com 4 redirects barleflorian.com	86 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	246 KB
6	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1143	131 KB
5	gstatic.com www.gstatic.com	541 KB
4	google.fr www.google.fr — Cisco Umbrella Rank: 14332	691 B
4	boldchat.com vmss.boldchat.com — Cisco Umbrella Rank: 15917 vms.boldchat.com — Cisco Umbrella Rank: 14290 images.boldchat.com — Cisco Umbrella Rank: 68494	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	12 KB
3	oktacdn.com global.oktacdn.com — Cisco Umbrella Rank: 10844	349 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	146 KB
2	medallia.com resources.digital-cloud.medallia.com — Cisco Umbrella Rank: 5465	84 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	cloudfront.net dds6m601du5ji.cloudfront.net	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	18 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7410	39 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 2094	966 B
1	kampyle.com udc-neb.kampyle.com — Cisco Umbrella Rank: 2562	318 B
1	sundaysky.com s-vop.sundaysky.com — Cisco Umbrella Rank: 16605	319 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 648	295 B
1	decibelinsight.net cdn.decibelinsight.net — Cisco Umbrella Rank: 8800	77 KB
1	googlesyndication.com f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com	3 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2603	98 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	26 KB
1	tvsquared.com collector-8132.tvsquared.com	9 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 444	16 KB
1	myvisualiq.net vt.myvisualiq.net — Cisco Umbrella Rank: 21571	3 KB
135	31

	Domain	Requested by
16	gateway.foresee.com	barleflorian.com
11	cdn.cookielaw.org	barleflorian.com
11	webcdn.cox.com	barleflorian.com webcdn.cox.com
9	www.google.com	1 redirects barleflorian.com www.cox.com www.gstatic.com www.google.com
8	barleflorian.com	4 redirects barleflorian.com
7	en.rageagainstthesoap.com	barleflorian.com
7	brain.foresee.com	barleflorian.com
6	tags.tiqcdn.com	barleflorian.com
5	www.gstatic.com	www.google.com
5	www.cox.com	barleflorian.com www.cox.com
4	www.google.fr	barleflorian.com
4	googleads.g.doubleclick.net	1 redirects barleflorian.com
3	bat.bing.com	barleflorian.com bat.bing.com
3	securepubads.g.doubleclick.net	barleflorian.com
3	webcdn2.cox.com	3 redirects
3	global.oktacdn.com	barleflorian.com global.oktacdn.com
3	www.googletagmanager.com	barleflorian.com
2	analytics.foresee.com	barleflorian.com
2	resources.digital-cloud.medallia.com	barleflorian.com
2	dpm.demdex.net	1 redirects barleflorian.com
2	vms.boldchat.com	barleflorian.com
2	dds6m601du5ji.cloudfront.net	barleflorian.com
2	www.googleadservices.com	barleflorian.com
2	webcdn4.cox.com	2 redirects
2	solutions.invocacdn.com	barleflorian.com
2	smetrics.cox.com	barleflorian.com
2	bam-cell.nr-data.net	barleflorian.com
1	udc-neb.kampyle.com
1	s-vop.sundaysky.com
1	geolocation.onetrust.com	barleflorian.com
1	d.rageagainstthesoap.com	barleflorian.com
1	cdn.decibelinsight.net	barleflorian.com
1	target.cox.com	barleflorian.com
1	f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com	barleflorian.com
1	api.ipify.org	barleflorian.com
1	images.boldchat.com	barleflorian.com
1	adservice.google.com	barleflorian.com
1	webcdn1.cox.com	1 redirects
1	www.googletagservices.com	barleflorian.com
1	collector-8132.tvsquared.com	barleflorian.com
1	webcdn3.cox.com	1 redirects
1	www.google-analytics.com	barleflorian.com
1	js-agent.newrelic.com	barleflorian.com
1	vt.myvisualiq.net	barleflorian.com
1	vmss.boldchat.com	barleflorian.com
135	45

This site contains links to these domains. Also see Links.

Domain
www.cox.com
www.onetrust.com

Subject Issuer	Validity	Valid
barleflorian.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.boldchat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-03-13`	a year	crt.sh
*.myvisualiq.net Amazon RSA 2048 M01	`2023-03-01` - `2023-09-16`	7 months	crt.sh
foresee.com Amazon RSA 2048 M01	`2023-03-01` - `2023-06-26`	4 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
smetrics.cox.com Entrust Certification Authority - L1K	`2023-03-16` - `2024-03-28`	a year	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-02-09` - `2023-09-13`	7 months	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-22`	9 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2023-03-01` - `2023-06-16`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-01-02`	a year	crt.sh
webcdn.cox.com Entrust Certification Authority - L1K	`2022-10-12` - `2023-10-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
target.cox.com Entrust Certification Authority - L1K	`2022-09-22` - `2023-10-05`	a year	crt.sh
resources.digital-cloud.medallia.com R3	`2023-03-04` - `2023-06-02`	3 months	crt.sh
*.decibelinsight.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-12`	a year	crt.sh
*.rageagainstthesoap.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-10`	10 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.foresee.com Go Daddy Secure Certificate Authority - G2	`2022-09-01` - `2023-10-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.sundaysky.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-16` - `2023-06-16`	a year	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-03-29` - `2024-02-28`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://barleflorian.com/wp-admin/network/kaltoon/authen
Frame ID: F86E6C304DC52B9C7EA5413074517C78
Requests: 112 HTTP requests in this frame

Frame: https://f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40F1B5292EC2588E424B9665395317F9
Requests: 1 HTTP requests in this frame

Frame: https://www.cox.com/content/dam/cox/common/cookie-jar.html
Frame ID: FBFA1A172E6FDECC7B0876674ED1D794
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 846A44994F12575784A2EEDF49389015
Requests: 1 HTTP requests in this frame

Frame: https://www.cox.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-163523098-0%200NNN%20RT%281680308963422%201346%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2811%2c47606%2c0%29%20U24&incident_id=1517000460287098728-765279407499447182&edet=12&cinfo=0b000000&rpinfo=0&cts=a2sO2PgGS2vKNZrVX8H6kWrnGEr8ajW1LRXgaU6yT%2fpawy1uH%2fw4lO0bEylymixV&mth=GET
Frame ID: CBCD24C4630141BEDCC07D2E41DDE60F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuY294LmNvbTo0NDM.&hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=abr2qqsh744p
Frame ID: 7D7E353F4CD027F4251CDE8D45EAD893
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 10843B91FAD87F0AAAED6AFF66C962AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62
Frame ID: BA8EBC1BF416013FDA4425080F13E036
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cox Login - Sign Into Your Cox Account

Page URL History Show full URLs

https://barleflorian.com/wp-admin/network/kaltoon/authen HTTP 302
https://barleflorian.com/wp-admin/network/kaltoon/ HTTP 302
https://barleflorian.com/wp-admin/network/kaltoon/authen Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

135
Requests

90 %
HTTPS

40 %
IPv6

31
Domains

45
Subdomains

41
IPs

4
Countries

2616 kB
Transfer

8795 kB
Size

44
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cox.com/myprofile/forgot-userid.html?finalview=https%3A%2F%2Fwww.cox.com%2Fwebapi%2Fcdncache%2Fcookieset%3Fresource%3Dhttps%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://www.cox.com/myprofile/forgot-password.html?finalview=https%3A%2F%2Fwww.cox.com%2Fwebapi%2Fcdncache%2Fcookieset%3Fresource%3Dhttps%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://www.cox.com/myprofile/registration.html?finalview=https%3A%2F%2Fwww.cox.com%2Fwebapi%2Fcdncache%2Fcookieset%3Fresource%3Dhttps%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: No Account? Register Now!

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential/support/trouble-signing-in-on-the-cox-website.html
Title: Need Help Signing In?

Search URL Search Domain Scan URL

URL: https://www.cox.com/aboutus/policies/ca-data-privacy.html
Title: Limit the Use of My Sensitive Personal Information (CA Consumers)

Search URL Search Domain Scan URL

URL: https://www.cox.com/aboutus/policies/va-data-privacy.html
Title: Virginia Consumer Privacy.

Search URL Search Domain Scan URL

URL: https://www.cox.com/aboutus/policies/online-privacy-policy.html
Title: Online Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.cox.com/aboutus/policies/annual-privacy-notice.html
Title: Residential Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://barleflorian.com/wp-admin/network/kaltoon/authen HTTP 302
https://barleflorian.com/wp-admin/network/kaltoon/ HTTP 302
https://barleflorian.com/wp-admin/network/kaltoon/authen Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://webcdn3.cox.com/content/dam/cox/residential/chat/bundle.js HTTP 301
https://webcdn.cox.com/content/dam/cox/residential/chat/bundle.js

Request Chain 15

https://webcdn2.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz HTTP 301
https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz

Request Chain 16

https://webcdn2.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz HTTP 301
https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz

Request Chain 17

https://webcdn4.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css HTTP 301
https://webcdn.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css

Request Chain 18

https://webcdn4.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css HTTP 301
https://webcdn.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css

Request Chain 19

https://webcdn1.cox.com/ui/myprofile/tsw/js/jquery.js.jgz HTTP 301
https://webcdn.cox.com/ui/myprofile/tsw/js/jquery.js.jgz

Request Chain 21

https://barleflorian.com/wp-admin/network/kaltoon/okta-login-v3.js HTTP 301
https://barleflorian.com/

Request Chain 37

https://barleflorian.com/wp-admin/network/kaltoon/shield-keyhole.svg HTTP 301
https://barleflorian.com/

Request Chain 45

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017

Request Chain 51

https://webcdn2.cox.com/ui/presentation/tsw/img/cox_logo.png HTTP 301
https://webcdn.cox.com/ui/presentation/tsw/img/cox_logo.png

Request Chain 112

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5nonZMT-ILqs9u8Ps6iB6A0&sscte=1&crd=&pscrd=Ek5DaEFJOEltYW9RWVE4TV9EeVpfdXpZaFJFaVlBbHdBczRJSEtHMnZQNC01Zk1iUkg4NklUcUlsMXhwdXdsNldlbDEwUDdBTDVwY0NNZEEaWENoQUk4SW1hb1FZUWhLZUY1ckhyZ0lackVpNEFiNGdOTXVSVFNFS08yZ3ZhVDR5d1V1bzFrc016dWtfa2ZNdHIxOHllU2FCS3VhZjVSdDlIcnhUSFV4azQ HTTP 302
https://www.google.com/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEltYW9RWVE4TV9EeVpfdXpZaFJFaVlBbHdBczRJSEtHMnZQNC01Zk1iUkg4NklUcUlsMXhwdXdsNldlbDEwUDdBTDVwY0NNZEEaWENoQUk4SW1hb1FZUWhLZUY1ckhyZ0lackVpNEFiNGdOTXVSVFNFS08yZ3ZhVDR5d1V1bzFrc016dWtfa2ZNdHIxOHllU2FCS3VhZjVSdDlIcnhUSFV4azQ&is_vtc=1&ocp_id=5nonZMT-ILqs9u8Ps6iB6A0&cid=CAQSKQDUE5ymXoDLIGm9I4gRG2lJ3Gu3ApQWPR7N6mO8eXIuopmpWK2z9M8E&random=4019195379 HTTP 302
https://www.google.fr/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEltYW9RWVE4TV9EeVpfdXpZaFJFaVlBbHdBczRJSEtHMnZQNC01Zk1iUkg4NklUcUlsMXhwdXdsNldlbDEwUDdBTDVwY0NNZEEaWENoQUk4SW1hb1FZUWhLZUY1ckhyZ0lackVpNEFiNGdOTXVSVFNFS08yZ3ZhVDR5d1V1bzFrc016dWtfa2ZNdHIxOHllU2FCS3VhZjVSdDlIcnhUSFV4azQ&is_vtc=1&ocp_id=5nonZMT-ILqs9u8Ps6iB6A0&cid=CAQSKQDUE5ymXoDLIGm9I4gRG2lJ3Gu3ApQWPR7N6mO8eXIuopmpWK2z9M8E&random=4019195379&ipr=y&prhg=0

135 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request authen Show response
barleflorian.com/wp-admin/network/kaltoon/
Redirect Chain

https://barleflorian.com/wp-admin/network/kaltoon/authen
https://barleflorian.com/wp-admin/network/kaltoon/
https://barleflorian.com/wp-admin/network/kaltoon/authen

84 KB
23 KB

62ms
61ms

Document
text/html

109.238.12.156
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.238.12.156 , France, ASN21409 (IKOULA, FR),
Reverse DNS: frhb68273ds.ikexpress.com
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 5e3c74cf0301c593d1a5f7465b14bae74aac0bea40a22a8bf6223f2154367e2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 23573
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 00:29:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-cache-status: BYPASS
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 00:29:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://barleflorian.com/wp-admin/network/kaltoon/authen
pragma: no-cache
server: nginx
x-cache-status: BYPASS
x-powered-by: PHP/7.4.33 PleskLin

GET
H/1.1 200
OK 55a0768cf0 Show response
bam-cell.nr-data.net/1/ 49 B
483 B 654ms
492ms Script
text/javascript 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/55a0768cf0?a=810646484&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=4238&ck=1&ref=https://www.cox.com/content/dam/cox/okta/signin.html&be=1334&fe=4110&dc=1431&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1629483767429,%22n%22:0,%22u%22:175,%22ue%22:176,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:2,%22ce%22:2,%22rq%22:4,%22rp%22:164,%22rpe%22:188,%22dl%22:195,%22di%22:1382,%22ds%22:1383,%22de%22:1431,%22dc%22:4110,%22l%22:4110,%22le%22:4179%7D,%22navigation%22:%7B%7D%7D&fp=1739&fcp=1739&jsonp=NREUM.setToken
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:24 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-cdg20731-CDG

GET
H/1.1 200
OK vms.js Show response
vmss.boldchat.com/aid/807690351445127928/bc.vms4/ 53 KB
18 KB 557ms
162ms Script
text/javascript 54.69.177.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vmss.boldchat.com/aid/807690351445127928/bc.vms4/vms.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.69.177.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-40.boldchat.com

Software

BoldChat/8002 /

Resource Hash

135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 00:29:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: BoldChat/8002
ETag: "4113927A177D567C16AD555F70DA7004"
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
Cache-Control: max-age=7200, public
Content-Length: 18147

GET
H/1.1 200
OK vt-185.js Show response
vt.myvisualiq.net/2/imaZYXEYinwYRgWjIDIl3A%3D%3D/ 6 KB
3 KB 115ms
36ms Script
application/x-javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vt.myvisualiq.net/2/imaZYXEYinwYRgWjIDIl3A%3D%3D/vt-185.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ad981a1136d20c3b22b5e65fff90f60e8062b6698cd2d6e3aa60ef13b0a9221

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: vViaHN_exFZh9XCMlnTNo5.62fYzniBD
Content-Encoding: gzip
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Date: Fri, 31 Mar 2023 16:38:59 GMT
x-amz-request-id: CH5GA20FTPM8NEWK
X-Amz-Cf-Pop: FRA56-P5
x-amz-server-side-encryption: AES256
Age: 28226
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
Connection: keep-alive
x-amz-id-2: MeFEjvX/WBpPzsbD6HWSf8b33Y1LQw/vQkEW7yF4ie+j4Nw6lhJzzN50eM/6TnN19unIbpg2Iko=
Last-Modified: Thu, 10 Mar 2022 11:03:33 GMT
Server: AmazonS3
ETag: W/"fbe247e92620f4fc95ed587c74cd63a8"
Vary: Accept-Encoding
Content-Type: application/x-javascript
access-control-allow-origin: *
X-Amz-Cf-Id: 4XA_i_d6V9nIFYGGx8JNXGZXgebHqyuh83jpfACsfWfLSxQ5-VdtNg==

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/cox_communications/production/ 248 KB
21 KB 34ms
34ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 6d7f4b90397af891e478fa30d5a6d5f65ea7dff706a9983e519c3aae28b3f2fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:51:23 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5882
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 01 Apr 2022 13:32:19 GMT
etag: W/"abc1298a09e4d99d3a3ab3a632b9638a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 54fQdQL1F0d67KrNjzy8WTfasnE072Y1TZo7phbekz41lWTfvZ61XQ==
expires: Sat, 01 Apr 2023 02:51:23 GMT

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
16 KB 176ms
18ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1209.min.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: d4wwExyN0N4Ag7LHjGXgHn7eRha876Bt
content-encoding: gzip
via: 1.1 varnish
date: Sat, 01 Apr 2023 00:29:24 GMT
x-amz-request-id: 39MMQN2JQHB2SY4N
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15799
x-amz-id-2: HDWVzWjVsUgn3K5D9Tfw5mx3OzsV1Qy6JvDauF2XD1FIOqAEaMHFYpf9+PxiKUQQ6mkCZ+E79R8=
x-served-by: cache-cdg20766-CDG
last-modified: Thu, 20 May 2021 23:21:19 GMT
server: AmazonS3
x-timer: S1680308964.146914,VS0,VE0
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 112

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 89ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 00:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1453
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 01 Apr 2023 02:05:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 95ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139134705-1

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05a1965e7f939573198b93432d9a480bf53cc95c2943fe7747e2780cf11e68b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45065
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Apr 2023 00:29:25 GMT

GET
H2

200

bundle.js Show response
webcdn.cox.com/content/dam/cox/residential/chat/
Redirect Chain

https://webcdn3.cox.com/content/dam/cox/residential/chat/bundle.js
https://webcdn.cox.com/content/dam/cox/residential/chat/bundle.js

111 KB
32 KB

24ms
22ms

Script
application/javascript

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/content/dam/cox/residential/chat/bundle.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

259bbafa8c88a58d94bc316b2526ada978c89524095e2ee3bab1eff2df72d425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:36:59 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-encoding: br
x-cdn: Imperva
content-md5: 19ZxeIN5TjC9YSgJsTET5A==
via: 1.1 91f8decb73d70c00873991ae75748534.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 237146
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523164 PNNN RT(1680308963422 1660) q(0 0 0 -1) r(0 0) U24
content-disposition: inline
x-served-by: cache-dub4326-DUB
last-modified: Mon, 11 Jul 2022 11:42:46 GMT
x-timer: S1680071819.837226,VS0,VS0,VE209
etag: W/"0x8DA63327948D95A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, public
x-amz-cf-id: Rha_rd0Ega7Oomiu8tTF1tlWoeNJN1o85l9tF2hhC6vqwXtFIvM4JQ==

Redirect headers

location: https://webcdn.cox.com/content/dam/cox/residential/chat/bundle.js
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 s89886600559528 Show response
smetrics.cox.com/b/ss/cox-avalanche-prod/10/JS-2.22.0/ 522 B
727 B 566ms
113ms Script
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.cox.com/b/ss/cox-avalanche-prod/10/JS-2.22.0/s89886600559528?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=20%2F7%2F2021%2018%3A22%3A51%205%200&d.&nsid=0&jsonv=1&.d&sdid=1FDC429788EA4E7E-6AF1A197DD9C9770&mid=33840814358525580943124216087622985018&aamlh=7&ce=UTF-8&pageName=cox%3Ares%3Asign-in&g=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&r=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&c.&visitorAPI=5.2.0&.c&ch=cox%3Ares%3Asignin&server=www.cox.com&events=event47&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=signin%3Apage&h1=cox%3Ares%3Asign-in&l1=&c2=regular&h2=onsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&c3=res%3Asign-in&c4=signin%3Apage&c5=unknown%3Aunknown%3Aloggedout%3Aunknown&v6=unknown%3Aunknown%3Aloggedout%3Aunknown&c7=cox%3Ares%3Asign-in&c8=signin&v11=2%3A22%20PM%7CFriday&c12=en&v14=cox%3Ares%3Aerror403&c15=D%3Dv14&c16=%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html&c21=1429&c23=signin&c25=web&v25=08%2F20%2F2021&c28=cox%3Ares&c38=cox%3Ares%3Asign-in&c40=unknown%3Aunknown&v40=desktop&v41=cox%3Ares%3Asign-in&v42=unknown%3Aunknown&v46=cox%3Ares%3Asign-in&v49=22747&c71=16294828433759290&c75=v05052021%7C2.22.0%7C5.2.0&v75=33840814358525580943124216087622985018&c.&a.&activitymap.&page=cox%3Ares%3Aerror403&link=My%20Account&region=pf-header&pageIDType=1&.activitymap&.a&.c&pid=cox%3Ares%3Aerror403&pidt=1&oid=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252F&ot=A&s=1500x1000&c=24&j=1.6&v=N&k=Y&bw=945&bh=889&mcorgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

607cc3cde28043c24d7156ccb5cb414527e303174807dd6267f79535964cb75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-aam-tid: SS23Ko+6SRg=
date: Sat, 01 Apr 2023 00:29:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 522
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v045-0a0c60b82.edge-va6.demdex.com 8 ms
pragma: no-cache
last-modified: Sun, 02 Apr 2023 00:29:25 GMT
server: jag
etag: 3608436027377778688-4619755402042534562
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 31 Mar 2023 00:29:25 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-8132.tvsquared.com/ 20 KB
9 KB 489ms
112ms Script
application/javascript 3.13.67.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-8132.tvsquared.com/tv2track.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.67.214 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-67-214.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 00:29:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
ETag: "639c42c0-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Sat, 01 Apr 2023 00:39:25 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 124 KB
37 KB 29ms
25ms Script
text/javascript 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9fbaa2d8a04926b60d9b457b41bf7c33388dc09b19061002195df1972f813e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:12:39 GMT
x-amz-version-id: RFciS.9T5ehvHbi5e4YIhpvCouxSBpoK
content-encoding: br
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 20:43:43 GMT
server: AmazonS3
etag: W/"115fae048fd05fd17313444e30a75541"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-cf-id: sA5e2VIaYfJbK4Hr7UdqDHvn3u2x_toVN2IAKlt9axygnHsSHlIYeg==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 623 KB
63 KB 109ms
28ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f74196f36a29e9aa43101a63f39ec5f1c602221d5541c4ab41cecb494075784

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: dcc_x6zAF.0oVZhoabKqJu4b.iBiHAyp
content-encoding: br
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:26:22 GMT
last-modified: Wed, 29 Mar 2023 15:41:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 184
x-amz-server-side-encryption: AES256
etag: W/"6a0cd8168f36f0aaddedf6de3420aec1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _7gvPoMUYiknHqvnKaEtalwrmLjqBcwbfTAIR_wUTx2FVdXwDa5_Fw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 272ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d241c0a328576f58bdae116b5a40b4346a6cfab6844f000475c784f1e66bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25738
x-xss-protection: 0
server: cafe
etag: 593 / 19448 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 00:29:25 GMT

GET
H2 404 u-But-can-To-farry-of-sure-And-againe-Rosse-You-
barleflorian.com/ 0
0 562ms
558ms Script
text/html 109.238.12.156
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://barleflorian.com/u-But-can-To-farry-of-sure-And-againe-Rosse-You-
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.238.12.156 , France, ASN21409 (IKOULA, FR),
Reverse DNS: frhb68273ds.ikexpress.com
Software: nginx / PHP/7.4.33
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/wp-admin/network/kaltoon/authen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://barleflorian.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/3.8.2/css/ 180 KB
26 KB 189ms
28ms Stylesheet
text/css 18.66.147.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-97.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: VioymT0ami6RAq5l.msmhnEwxweXAIS1
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 05:02:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P4
age: 70021
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Mar 2020 02:19:40 GMT
server: AmazonS3
etag: W/"92cb194fd7896eb0997c23a4a3dbb596"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: GQmrOWVUMKnS2gTblYOpwQNw_5m7gHda0J07FvGO407Nz799FfHIOg==

GET
H2

200

flex-presentation.css.jgz
webcdn.cox.com/ui/presentation/tsw/css/
Redirect Chain

https://webcdn2.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz
https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz

141 KB
32 KB

174ms
56ms

Stylesheet
text/css

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

1e9a40f7db4a20f42c15bd1f5a79fdb81b9e9d66a7d998bc17f8087c71567c31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:02:44 GMT
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 ade5b31bd02630f0b5fc77309a9d7038.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: CDG53-C1
age: 181600
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523151 NNNN CT(5 8 0) RT(1680308963422 264) q(0 0 1 1) r(1 1) U24
content-length: 31410
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Tue, 28 Mar 2023 03:21:35 GMT
server: Apache
content-type: text/css
cache-control: max-age=1209600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: a83fNS6zOXVt_jjmqEI00KXEOKO0dZxbTedm1d-YxtygHpsBFD6uZA==

Redirect headers

location: https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

200

cox-residential-aemapp.css.jgz
webcdn.cox.com/ui/aem7/tsw/css/
Redirect Chain

https://webcdn2.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz
https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz

335 KB
66 KB

192ms
74ms

Stylesheet
text/css

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

4b8d92dc2fbff0a66d984fc9c7df2f26a5949a53fe9b79b13435f0bbe4630ef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:02:44 GMT
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 45dddc65ba3da4a1716d9c10f4aaaa08.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: CDG53-C1
age: 181600
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523152 NNNN CT(5 7 0) RT(1680308963422 264) q(0 0 1 4) r(1 1) U24
content-length: 67404
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Fri, 17 Feb 2023 07:49:18 GMT
server: Apache
content-type: text/css
cache-control: s-maxage=1209590, must-revalidate
accept-ranges: bytes
x-amz-cf-id: yB0H7328140iPu1Nm4cxRwGJ_ySC_VvlzWKCpTsNpgC6RqKhso9zhg==

Redirect headers

location: https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

200

flex2text-styles.min.css
webcdn.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/
Redirect Chain

https://webcdn4.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css
https://webcdn.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css

4 KB
1 KB

64ms
64ms

Stylesheet
text/css

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c4e3460c06318c97454b60e5020707920e7ca781b7006b82613eabc847385b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:36:52 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-encoding: br
x-cdn: Imperva
content-md5: IvvJGGZK/l0VcoGwQmR5ww==
via: 1.1 e9e1ae0211eb8060a9bf55183ccf8788.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 237152
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523162 NNNN CT(11 8 0) RT(1680308963422 294) q(0 0 0 -1) r(0 0) U24
content-disposition: inline
x-served-by: cache-dub4326-DUB
last-modified: Mon, 11 Jul 2022 12:12:24 GMT
x-timer: S1680071812.836911,VS0,VS0,VE566
etag: W/"0x8DA63369D941B35"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600, public
x-amz-cf-id: tq6ic03fQvoctPySPoZtN1yoCg4SJrz-YJJRkYMtI5U7a3fK3eFvtQ==

Redirect headers

location: https://webcdn.cox.com/content/dam/cox/common/externalcss/flex2-rte-styles/flex2text-styles.min.css
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

200

overrides.min.css
webcdn.cox.com/content/dam/cox/common/externalcss/override/
Redirect Chain

https://webcdn4.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css
https://webcdn.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css

67 KB
9 KB

65ms
65ms

Stylesheet
text/css

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b005acc4897aef46323fa78290cfb4b7e64157b42b85934ccf7344389fb9f117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:27:34 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-encoding: br
x-cdn: Imperva
content-md5: +EdP5/yruRKGRdNkbtw+6w==
via: 1.1 91f8decb73d70c00873991ae75748534.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 110
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523164 NNNN CT(5 5 0) RT(1680308963422 304) q(0 0 0 -1) r(0 0) U24
content-disposition: inline
x-served-by: cache-dub4326-DUB
last-modified: Wed, 14 Sep 2022 03:23:13 GMT
x-timer: S1680308854.111541,VS0,VS0,VE205
etag: W/"0x8DA960074D57F48"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600, public
x-amz-cf-id: 2KcouOBKxyls50ck2dv0TUw7LOsQ_efel5-IofpqOd0E4RmTgzTzmg==

Redirect headers

location: https://webcdn.cox.com/content/dam/cox/common/externalcss/override/overrides.min.css
strict-transport-security: max-age=31536000
content-length: 0

GET
H2

200

jquery.js.jgz Show response
webcdn.cox.com/ui/myprofile/tsw/js/
Redirect Chain

https://webcdn1.cox.com/ui/myprofile/tsw/js/jquery.js.jgz
https://webcdn.cox.com/ui/myprofile/tsw/js/jquery.js.jgz

235 KB
85 KB

24ms
24ms

Script
text/javascript

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/myprofile/tsw/js/jquery.js.jgz

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:02:44 GMT
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 ade5b31bd02630f0b5fc77309a9d7038.cloudfront.net (CloudFront)
x-cdn: Imperva
x-amz-cf-pop: CDG53-C1
age: 181600
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523151 PNNN RT(1680308963422 334) q(0 0 0 -1) r(0 0) U24
content-length: 86401
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 22 Aug 2019 17:11:33 GMT
server: Apache
content-type: text/javascript
cache-control: max-age=1209600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: sOLGKpVKBM-aOrJNGz4t8f4W406z6_tqbqEG2m-KVbM_0L8qxd5W4w==

Redirect headers

location: https://webcdn.cox.com/ui/myprofile/tsw/js/jquery.js.jgz
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 okta-sign-in.min.js Show response
global.oktacdn.com/okta-signin-widget/3.8.2/js/ 1 MB
302 KB 185ms
24ms Script
application/x-javascript 18.66.147.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/3.8.2/js/okta-sign-in.min.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-97.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

91262e6f00d6a45a34556b1da99a88e2e7dfac02ea8107ddf940d3746d6e4627

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 05:54:01 GMT
x-amz-version-id: 0bqDoUqwqv7yf5OBDVpCoGIqc.ArylId
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
content-encoding: gzip
x-amz-cf-pop: FRA60-P4
age: 66924
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Mar 2020 02:19:43 GMT
server: AmazonS3
etag: W/"d943801d64f3870adf095a8749532b87"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: TRlBGMWKX4epS6qFrjzw2feXz8IGX_1EjtE8CPZ0w_Pmh14rcFXZVQ==

GET
H2

200

/ Show response
barleflorian.com/
Redirect Chain

https://barleflorian.com/wp-admin/network/kaltoon/okta-login-v3.js
https://barleflorian.com/

167 KB
28 KB

718ms
717ms

Script
text/html

109.238.12.156
IKOULA

General

Check archive.org

Show headers Download Go to

Full URL: https://barleflorian.com/
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Server: 109.238.12.156 , France, ASN21409 (IKOULA, FR),
Reverse DNS: frhb68273ds.ikexpress.com
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: 606dc1926901de3cf855ff2a2d3dd19adbdc9130a0f214b621aafa2e99cf71e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/wp-admin/network/kaltoon/authen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
link: <https://barleflorian.com/wp-json/>; rel="https://api.w.org/", <https://barleflorian.com/wp-json/wp/v2/pages/186>; rel="alternate"; type="application/json", <https://barleflorian.com/>; rel=shortlink
content-length: 28166

Redirect headers

date: Sat, 01 Apr 2023 00:29:24 GMT
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
x-cache-status: BYPASS
x-redirect-by: WordPress
content-type: text/html; charset=UTF-8
location: https://barleflorian.com/
content-length: 0

GET
H2 200 adobestack.js Show response
webcdn.cox.com/content/dam/cox/apps/common/scripts/prod/ 177 KB
53 KB 335ms
38ms Script
application/javascript 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/content/dam/cox/apps/common/scripts/prod/adobestack.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c60597f209c55d7873e66a7b44362d0768b707eef1cca372f2e077ada145d28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 11:22:23 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-encoding: br
x-cdn: Imperva
x-amz-cf-pop: CDG53-C1
age: 220021
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523154 NNNN CT(3 5 0) RT(1680308963422 264) q(0 0 1 5) r(1 1) U24
content-disposition: inline
x-served-by: cache-dub4322-DUB
last-modified: Mon, 20 Feb 2023 20:53:51 GMT
x-timer: S1680088943.116008,VS0,VS0,VE784
etag: W/"0x8DB138492351C24"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, public
x-amz-cf-id: IF0gc5TKBd_AUH8po8HTKvPwxwWZ-HaPj_tjmWQ3kf3kKWj4CDQL7w==

GET
H2 200 pubads_impl_2021081801.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 249ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062333

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 21:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118094
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Mar 2024 21:48:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 174ms
34ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cox.com

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 utag.422.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 185 KB
49 KB 495ms
414ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.422.js?utv=ut4.46.202108051657
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a9e18826005dfbd44349c127e7273090024696514326903656385e31da952a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ooOo2DL_.dLfFxMoiscIEkKLBS3tv75P
content-encoding: br
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:29:26 GMT
last-modified: Wed, 29 Mar 2023 15:41:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"569fb39ab5c59807544308482fd56da4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: GtjJ4IE4Mamtd3mP-qluN2LMnVrOvq9jUWNqKoMOMUSvIOMP4ii8Hw==

GET
H2 200 utag.741.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 28 KB
7 KB 501ms
420ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.741.js?utv=ut4.46.202106031701
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce632f5db71a941a7cf8b3098bd6c46622f07322ef5c123dc1e3217c06f56b3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: l.N0Hm7QWpvkkZS99X7xcP_jhXUt5av1
content-encoding: br
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:29:26 GMT
last-modified: Wed, 29 Mar 2023 15:41:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"297630eb26c46d2615ba2efd3d9ca15f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: pJ_bwjK0_06Fb8PAbkgHQNonGPGHjGFi3AtYz0yeemqaJMJ70Vz-Eg==

GET
H2 200 utag.353.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 47 KB
10 KB 502ms
424ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.353.js?utv=ut4.46.202108051657
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c2eb6be371145e1031885d217b4a5a1002544511ba59716e4fca2d236cc13a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: l04h.GGape4UARqoXKM4ogsAxWQrxbtc
content-encoding: br
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:29:26 GMT
last-modified: Wed, 29 Mar 2023 15:41:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"39c517d8eb7aa87615b074cedf07be79"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: T_6DOYhm1ebRsDrBV3HIUaZCYNDNdckq2Wqe2lsP8tz2jgkxBkZLBQ==

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1767/3126521417/ 8 KB
2 KB 166ms
23ms Script
text/javascript 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1767/3126521417/tag-live.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 112b480a5bb4594432c1b4005dc2263854e923e9e2d47a6e6d2a8473666c688c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ymEq1SHIH0ua_vlpde19Q5ZozY3A33vH
content-encoding: gzip
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:29:07 GMT
last-modified: Thu, 03 Jun 2021 15:30:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 18
etag: W/"b2287e806942ec528fb80a1a57b3fb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: 3f2F2B2WVkELTNvX_7zwPGHLsoQYVR4OYpQVdzyBynCFOtnCrwYZww==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 43 KB
16 KB 178ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8ce4aa1f17e51d38e974cc612e7945c04c3a1a50ec9fa0afd46637780afdd4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15938
x-xss-protection: 0
server: cafe
etag: 11465653127178858058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 00:29:24 GMT

GET
H/1.1 200
OK t.js Show response
dds6m601du5ji.cloudfront.net/vop/ 2 KB
2 KB 118ms
23ms Script
application/javascript 108.138.7.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dds6m601du5ji.cloudfront.net/vop/t.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-55.fra56.r.cloudfront.net

Software

Resource Hash

8caaffc34425d831509195514dfdfd45042c712e3a02bcbb2f650380283fa9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 16:04:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P6
Age: 116706
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 19 Mar 2023 13:43:46 GMT
ETag: W/"2276-1679233426000"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
X-Amz-Cf-Id: 3ybXD1p-1DE6Uh70mOSEuCOaWqWx99OIMsVPdQ8Yuzl5WF0nmOC_0A==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/ 3 KB
2 KB 179ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/?random=1629483771675&cv=9&fst=1629483771675&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1000&u_w=1500&u_ah=960&u_aw=1500&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&ref=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a265a6ed67f405f4896ed8aedfabf47025adf8c8af5f53131cb573cd89cb8ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.1.2-mp/ 81 KB
26 KB 74ms
27ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.1.2-mp/mpathy-modern.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6

Request headers

Referer: https://barleflorian.com/
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 20:31:44 GMT
content-encoding: gzip
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1655861
x-cache: Hit from cloudfront
status: 200
last-modified: Thu, 18 Mar 2021 15:05:31 GMT
etag: W/"809a12b3d845af05b552212f8a272cee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: CpFhpwFm_p3huUXasuDm0ohzNgwKeri5OG1-sAcx6oZiO2krXNYOiw==
expires: Sun, 09 Apr 2023 20:31:44 GMT

GET
H2 200 customcode.js Show response
gateway.foresee.com/sites/cox_communications/production/mpathy/ 467 B
949 B 75ms
28ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/mpathy/customcode.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 74fd06e6cdf2d85a0fb9ca9473dac087121fe71a0adbd9e3d55495e19b17dee6

Request headers

Referer: https://barleflorian.com/
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:51:23 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5882
x-cache: Hit from cloudfront
status: 200
content-length: 467
last-modified: Mon, 20 Dec 2021 10:46:34 GMT
etag: "1e69a5ebb714708c8e0887632e8fce45"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2uOyFCONCQ4e95Wc1cwVmgZGwhrh5Osq8pCyW1DA4i6L_gFxHKnaJA==
expires: Sat, 01 Apr 2023 02:51:23 GMT

GET
H/1.1 200
OK bc.pv Show response
vms.boldchat.com/aid/807690351445127928/ 1 KB
2 KB 510ms
169ms Script
text/javascript 52.41.47.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/807690351445127928/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1500&sheight=1000&sdpi=192&pve=802580327160372470T01AA5F8C98BD3A8D3584212EFC3E1B7E27035C1B9224CEE7040D06338772D8360F5191CAB6ECA649DAE5E48CBFD5FABBBB057DEF50963FA04F5C1E236F298E13&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&referrer=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&wdid=801950397597933140&1629483772191&visitorToken=6834546410210492416&tabIdentifier=3000913361800367778&clientScheme=https&_bcvm_vrid_=true&_bcvm_vid_801950397597933140=1629483772200S802580318706451097TA6E067B96339CC9868A8C8891F887386B74B570D2550E93E82593E2182A2CE5E070B36A3350A8C8ED3A6B228725A11C6CA9D965F70ABB7800F8E5609DB735CA6&_bcvm_vrid_801950397597933140=1629483772200S802580318561279914T5273FB1BF80AE309795C5180F1802A103B18BCB9F5703F6247E712DE18A00497AC2C30656AE8A9C23EE8EF9106F94F56469827B20570E4CF93B37C58B36BF457&&hasbutton=false

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.41.47.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-35.boldchat.com

Software

BoldChat/8002 /

Resource Hash

27a81e21c36e49e0765d52bb8da4987591abbe2533484c548a78c07391c84dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 00:29:24 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8002
Transfer-Encoding: chunked
X-Boldcenter-PageViewID: 803088579887906421
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
X-Boldcenter-VisitID: 803088579520632384

GET
H2 200 main.css
gateway.foresee.com/code/19.13.1-fs/templates/feedback/default/ 76 KB
7 KB 162ms
23ms Stylesheet
text/css 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/templates/feedback/default/main.css
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 07ab2e18097fca2d3e5d3a1dfa5fa9d9cb21e121921b538ccac510b388585aba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 00:09:35 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2247589
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"e9963124db21946893034f15b9ceb9cf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: AM3JZsMj0FDWHQGbKnwwAEDZrlsFTT_b6oxz1dSAri_M17-IlaboCQ==
expires: Mon, 03 Apr 2023 00:09:35 GMT

GET
H/1.1 400
Bad Request bc.evi
vms.boldchat.com/aid/807690351445127928/ 0
0 489ms
164ms Script
text/javascript 52.41.47.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/807690351445127928/bc.evi?script=true&&blur=false&vm=true&poll=65000&swidth=1500&sheight=1000&sdpi=192&pve=802580327489579452T4E2B6A15A0D7F7C3A6DD80A3AABE3E5575CF995F4006B9BF3B8BCB3DFAF24641C55C8EADA3656B3A4DEE93DF22C55051246DC2F4BCC2392AA3617EFAFB5550DD&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&referrer=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&wdid=801950397597933140&pvid=802580327489579452T4E2B6A15A0D7F7C3A6DD80A3AABE3E5575CF995F4006B9BF3B8BCB3DFAF24641C55C8EADA3656B3A4DEE93DF22C55051246DC2F4BCC2392AA3617EFAFB5550DD&1629483773078&tabIdentifier=3000913361800367778&extendedInfo_siteID=N%2FA&extendedInfo_easyPay=N%2FA&extendedInfo_flowName=N%2FA&extendedInfo_flowProgram=N%2FA&_bcvm_vrid_=true&_bcvm_vid_801950397597933140=1629483773022S802580318706451097TA6E067B96339CC9868A8C8891F887386B74B570D2550E93E82593E2182A2CE5E070B36A3350A8C8ED3A6B228725A11C6CA9D965F70ABB7800F8E5609DB735CA6&_bcvm_vrid_801950397597933140=1629483773022S802580318561279914T5273FB1BF80AE309795C5180F1802A103B18BCB9F5703F6247E712DE18A00497AC2C30656AE8A9C23EE8EF9106F94F56469827B20570E4CF93B37C58B36BF457&

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.41.47.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-35.boldchat.com

Software

BoldChat/8002 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Origin-Agent-Cluster: ?0
Date: Sat, 01 Apr 2023 00:29:24 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8002
Content-Length: 0
Content-Type: text/javascript;charset=UTF-8

GET
H2

200

/
barleflorian.com/
Redirect Chain

https://barleflorian.com/wp-admin/network/kaltoon/shield-keyhole.svg
https://barleflorian.com/

34 KB
34 KB

741ms
741ms

Image
text/html

109.238.12.156
IKOULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://barleflorian.com/
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Server: 109.238.12.156 , France, ASN21409 (IKOULA, FR),
Reverse DNS: frhb68273ds.ikexpress.com
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/wp-admin/network/kaltoon/authen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
link: <https://barleflorian.com/wp-json/>; rel="https://api.w.org/", <https://barleflorian.com/wp-json/wp/v2/pages/186>; rel="alternate"; type="application/json", <https://barleflorian.com/>; rel=shortlink
content-length: 28166

Redirect headers

date: Sat, 01 Apr 2023 00:29:25 GMT
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
x-cache-status: BYPASS
x-redirect-by: WordPress
content-type: text/html; charset=UTF-8
location: https://barleflorian.com/
content-length: 0

GET
H2 200 CoxResidentialProductionTealium.js Show response
www.cox.com/content/dam/cox/apps/chatbot/ 0
0 21ms
20ms Script
text/html 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cox.com/content/dam/cox/apps/chatbot/CoxResidentialProductionTealium.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.167 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 oo_engine.min.js Show response
gateway.foresee.com/code/5.10.4-oo/ 69 KB
19 KB 26ms
25ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/5.10.4-oo/oo_engine.min.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 9a3e89342eb567c2622728c82149043af4a80de3693f8a50e15b75a700866ece

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:43:05 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2025979
x-cache: Hit from cloudfront
status: 200
last-modified: Thu, 24 Jun 2021 17:07:14 GMT
etag: W/"92bc03ee01a33a37d1d1990c1ed93f64"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: -OxANjhoVUIOzCpvv7V8aGmUeK_pTQvCGgmBctd1Y4HCt_YiyqIcXg==
expires: Wed, 05 Apr 2023 13:43:05 GMT

GET
H2 200 oo_style.js Show response
gateway.foresee.com/sites/cox_communications/production/opinionlab/ 4 KB
2 KB 26ms
26ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/opinionlab/oo_style.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: f31757c96cb6347cedcc4c94917df7abde19c758d6a480df221a0a7765856b4a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:51:22 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5882
x-cache: Hit from cloudfront
status: 200
last-modified: Tue, 18 Jan 2022 21:08:31 GMT
etag: W/"ac3d7ee2263b3094af1cc49900f206be"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 504Juczq-fxfDqWr83Jg4gz8z6Da5MOYf0_oEnzm5d4uEo17U3HF9Q==
expires: Sat, 01 Apr 2023 02:51:22 GMT

GET
H2 200 oo_conf_global.js Show response
gateway.foresee.com/sites/cox_communications/production/opinionlab/ 5 KB
2 KB 27ms
27ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/opinionlab/oo_conf_global.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: f559ee7f966b60e1a148498a4ef228994aca5e23305567398aeced2bcbcfa4d0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:51:23 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5881
x-cache: Hit from cloudfront
status: 200
last-modified: Tue, 18 Jan 2022 21:08:31 GMT
etag: W/"fa12bc521d49f07d6944b931254e0450"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: OGfZ81HcqmwRHY3jOKU3JR-s6YoUrx9XpjdqXs7rus9WHw_AsgvXVA==
expires: Sat, 01 Apr 2023 02:51:23 GMT

GET
H2 200 oo_conf_tab.js Show response
gateway.foresee.com/sites/cox_communications/production/opinionlab/ 999 B
1 KB 26ms
26ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/opinionlab/oo_conf_tab.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 831bd6ebe00e91fdcb3c46b4d7b62d92c4f83d7c02dae454367829ff7482a706

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 23:43:18 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2766
x-cache: Hit from cloudfront
status: 200
content-length: 999
last-modified: Tue, 18 Jan 2022 21:08:31 GMT
etag: "07f99a77ab4a1c2facb4790d93618a6f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: a8mH0Eo-s9MuyGGJVE1MwcIkngJivGL-I-9FZ1o_xJtXaP2AdzKCTQ==
expires: Sat, 01 Apr 2023 03:43:18 GMT

GET
H/1.1 200
OK clear.gif
images.boldchat.com/images/ 42 B
359 B 534ms
165ms Image
image/gif 44.239.247.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.boldchat.com/images/clear.gif

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.239.247.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-36.boldchat.com

Software

BoldChat/8105 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31636000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 00:29:25 GMT
Strict-Transport-Security: max-age=31636000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 12:18:58 GMT
Server: BoldChat/8105
ETag: W/"42-1674735538000"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

GET
H2 200 oo_icon_white.gif
gateway.foresee.com/code/5.10.4-oo/ 2 KB
3 KB 24ms
22ms Image
image/gif 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gateway.foresee.com/code/5.10.4-oo/oo_icon_white.gif
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:43:06 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2025979
x-cache: Hit from cloudfront
status: 200
content-length: 2247
last-modified: Thu, 24 Jun 2021 17:07:14 GMT
etag: "f12d8abbdb0cb10ebe21199595d28c4b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: XLy44s4CULE_WFrRy8jYfBYudiInk2rheUsF5GWxyCSceq2Togcnnw==
expires: Wed, 05 Apr 2023 13:43:06 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017

212 B
1021 B

32ms
32ms

XHR
application/json

52.210.192.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Server

52.210.192.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-192-50.eu-west-1.compute.amazonaws.com

Software

Resource Hash

de1eadaedfd3a27ad7fcfaa9a1a3f1ef4f0745a620bd03d26f78c0911c43b91a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-08c2553c3.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 3/UDrTnVROY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://barleflorian.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 208
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-09eff2095.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hHMQsJ9xQDA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://barleflorian.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1680308965017
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 / Show response
api.ipify.org/ 13 B
98 B 395ms
97ms Fetch
text/plain 64.185.227.155
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-155.static.webnx.com
Software: /
Resource Hash: 45d8f5268bf3362d5ab1a0bc538871b0766a909f6805a97bd6c3533999bc73a4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:25 GMT
content-length: 13
vary: Origin
content-type: text/plain

GET
H2 200 /
www.google.com/pagead/1p-user-list/1034109468/ 42 B
327 B 38ms
38ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1034109468/?random=1629483771675&cv=9&fst=1629482400000&num=1&guid=ON&u_h=1000&u_w=1500&u_ah=960&u_aw=1500&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&ref=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&async=1&fmt=3&is_vtc=1&random=2513008726&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1034109468/ 42 B
455 B 95ms
38ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1034109468/?random=1629483771675&cv=9&fst=1629482400000&num=1&guid=ON&u_h=1000&u_w=1500&u_ah=960&u_aw=1500&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&ref=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&async=1&fmt=3&is_vtc=1&random=2513008726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40F1 6 KB
3 KB 240ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://barleflorian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 11378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 21:19:47 GMT
expires: Sat, 30 Mar 2024 21:19:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie-jar.html Show response
www.cox.com/content/dam/cox/common/ Frame FBFA 912 B
1 KB 265ms
30ms Document
text/html 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cox.com/content/dam/cox/common/cookie-jar.html

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4cd0836620180c3c30a1e499adf6aab783126a2ba6435a112060506529ff22c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://barleflorian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache
content-length: 912
content-type: text/html
strict-transport-security: max-age=31536000
x-iinfo: 14-163523098-0 0NNN RT(1680308963422 1346) q(0 -1 -1 0) r(0 -1) B12(11,47606,0) U24

GET
H2

200

cox_logo.png
webcdn.cox.com/ui/presentation/tsw/img/
Redirect Chain

https://webcdn2.cox.com/ui/presentation/tsw/img/cox_logo.png
https://webcdn.cox.com/ui/presentation/tsw/img/cox_logo.png

2 KB
2 KB

25ms
24ms

Image
image/png

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn.cox.com/ui/presentation/tsw/img/cox_logo.png

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:20:39 GMT
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
via: 1.1 91f8decb73d70c00873991ae75748534.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-cdn: Imperva
x-amz-cf-pop: CDG53-C1
age: 238126
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523164 PNNN RT(1680308963422 1168) q(0 0 0 -1) r(0 0) U24
content-length: 1865
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Tue, 28 Mar 2023 03:21:13 GMT
server: Apache
content-type: image/png
cache-control: max-age=1209600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XXo5HIJWFCRlJw50BONW1_rOaYKui8EMwElIP1fi3qfGD_2u6G7MKA==

Redirect headers

location: https://webcdn.cox.com/ui/presentation/tsw/img/cox_logo.png
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 checkbox-default.svg
webcdn.cox.com/ui/aem7/tsw/img/global/icons/ 270 B
491 B 25ms
24ms Image
image/svg+xml 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn.cox.com/ui/aem7/tsw/img/global/icons/checkbox-default.svg

Requested by

Host: webcdn.cox.com
URL: https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

e5647edf02795dbd3d4fb9f5c38e1ffefa0d563c31c9cc060db7320e28bf9844

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://webcdn.cox.com/ui/aem7/tsw/css/cox-residential-aemapp.css.jgz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 16:38:04 GMT
content-encoding: gzip
via: 1.1 91f8decb73d70c00873991ae75748534.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
x-cdn: Imperva
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: CDG53-C1
age: 201081
x-cache: Hit from cloudfront
x-iinfo: 14-163523098-163523164 PNNN RT(1680308963422 1148) q(0 0 0 -1) r(0 0) U24
content-length: 210
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1209590, must-revalidate
accept-ranges: bytes
x-amz-cf-id: YBZ_yPPm3yQfMuyOACWLaDZuHAktLnPROFXiuiiBUDpovOLvW_iGUQ==

GET
H2 200 okticon.woff
global.oktacdn.com/okta-signin-widget/3.8.2/font/ 20 KB
21 KB 72ms
26ms Font
application/octet-stream 18.66.147.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/3.8.2/font/okticon.woff

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-97.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

Referer: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: dDQhkYt0RHrEVEp9cvTtLweQzsWLGlTl
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 07:36:02 GMT
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 60804
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 20600
last-modified: Fri, 20 Mar 2020 02:19:41 GMT
server: AmazonS3
etag: "db28723126138387cdf40680e6e0fa5d"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: 6nNeNByRXVruicx_l2xA1ZqefbqgNKGPscQguZTDJyckj412-FBB0g==

GET
H2 200 OpenSans-Regular-webfont.woff
webcdn.cox.com/ui/presentation/tsw/css/fonts/ 22 KB
23 KB 204ms
28ms Font
application/font-woff 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/presentation/tsw/css/fonts/OpenSans-Regular-webfont.woff

Requested by

Host: webcdn.cox.com
URL: https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

Referer: https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:36:53 GMT
content-encoding: gzip
via: 1.1 bbfe794cf908362a338386171e1a8caa.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
x-cdn: Imperva
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: CDG53-C1
age: 237152
x-cache: Hit from cloudfront
x-iinfo: 11-121041690-121041704 NNNN CT(2 4 0) RT(1680308964571 159) q(0 0 0 0) r(0 0) U24
content-length: 22558
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Tue, 28 Mar 2023 03:21:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: jirt560CEp51w_rHUaz5FgCYvYNQrJXsxPHwnhNyMy-4SHYGlMy-XQ==

GET
H2 200 OpenSans-Semibold-webfont.woff
webcdn.cox.com/ui/presentation/tsw/css/fonts/ 24 KB
25 KB 218ms
47ms Font
application/font-woff 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/presentation/tsw/css/fonts/OpenSans-Semibold-webfont.woff

Requested by

Host: webcdn.cox.com
URL: https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

cca13a043d768c596be1f3e6410e2fc05872542c9cdca6485d19584b2a0aae1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com agent.bold360.com .cox-ondemand.com .yext-cdn.com .yextpages.net .evgnet.com *.evergage.com
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1

Request headers

Referer: https://webcdn.cox.com/ui/presentation/tsw/css/flex-presentation.css.jgz
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 06:36:53 GMT
content-encoding: gzip
via: 1.1 a64d90720955c3d3de37aa0526d1a7a4.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
x-cdn: Imperva
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: CDG53-C1
age: 237152
x-cache: Hit from cloudfront
x-iinfo: 11-121041690-121041705 NNNN CT(1 4 0) RT(1680308964571 160) q(0 0 0 2) r(0 0) U24
content-length: 24814
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Tue, 28 Mar 2023 03:21:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XuiWZ8LTrxzM-zd1rjKaNzmd_UDCVnNeJ1DCuh_1JQ9SJN29P8i-eg==

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 846A 783 B
1 KB 184ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e39fe1ec2b40705c14b26e49f797782a33e8f5907f21b15b091c38c367b92560

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5qK5wOBBId9xlx-PiEo2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barleflorian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-H5qK5wOBBId9xlx-PiEo2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 00:29:25 GMT
expires: Sat, 01 Apr 2023 00:29:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.3.1-mp/ 83 KB
25 KB 25ms
25ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.3.1-mp/mpathy-modern.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 871f0d427f26a09f48d2c5475340e23c94e27a6b1a1f8a97e856c792b1a8aa9d

Request headers

Referer: https://barleflorian.com/
Origin: https://barleflorian.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:20:50 GMT
content-encoding: br
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1012115
x-cache: Hit from cloudfront
status: 200
last-modified: Thu, 29 Apr 2021 15:30:34 GMT
etag: W/"bfc97a45ddb5537aea9ea725c6cf9a5c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: wNfph3gZO97brqiHrrsqlULCN1MAUDlXL-hkI0qEFUMMTsIKokTlug==
expires: Mon, 17 Apr 2023 07:20:50 GMT

GET
H2 200 fs.feedback.js Show response
gateway.foresee.com/code/19.13.1-fs/ 36 KB
10 KB 25ms
24ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.feedback.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 08f5b9afd31610820f2626c17f1e36f8ef32997e3df0fb24362b5188412d8b03

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 11:57:25 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2377920
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"80642ecc8968560111c3e44928520701"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0J262kApNiAqbip_xbxQd4nohT2OmXTMTeUauoWQ4W4a1JF_mJc5JA==
expires: Sat, 01 Apr 2023 11:57:25 GMT

GET
H2 200 fs.survey.js Show response
gateway.foresee.com/code/19.13.1-fs/ 21 KB
7 KB 35ms
34ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.survey.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 3f3619e57fd3b8e3ad141728c9f5c7389459d3b75234e287dafdd113d93cd16d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 02:30:43 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2325522
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"4505000392bdb7a01a2c8b65b6cf31e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _TYRNRpDxmu8zH6wSbhYL207NGOcsrBW6dqDVq1R8Nb8tIwMp6sHHA==
expires: Sun, 02 Apr 2023 02:30:43 GMT

GET
H2 200 fs.trigger.js Show response
gateway.foresee.com/code/19.13.1-fs/ 35 KB
11 KB 27ms
26ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.trigger.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 65176c2bc37774e49c65f8ed6dbcb8a1af4329dc2c39b3744cb43f4342a67a02

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:40:01 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1464563
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"206faf59a72306a8a82f2f801474e4a5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QI6c5ZRgtPSaEtfBQhO_ThOuF9LVFVQrx3p6IlVdI0PVQDHVKh1oVw==
expires: Wed, 12 Apr 2023 01:40:01 GMT

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.13.1-fs/ 49 KB
16 KB 33ms
33ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.utils.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 9aa53ced8e5c2586773a4b86516aedd8c55a7593201b556cdbaec0cb4e437092

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:06:35 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2031770
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"857357ac5565e3401811f5edd58421e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: OEt_zeqrGfbtO71YchcXQgHjFQAGmKDJEvE8VL9vKeXXfl7Ma9x7Xw==
expires: Wed, 05 Apr 2023 12:06:35 GMT

GET
H2 200 fs.compress.js Show response
gateway.foresee.com/code/19.13.1-fs/ 31 KB
11 KB 29ms
28ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.compress.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: 927c81b30ded08e9c2dfda6761f718d5341d8c0da01dadefb45e47f346491c28

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:52:33 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 859012
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"7f0d4c8626134439823eb58336634720"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ZZPg5nBq3q2aB3CvoV1e32O-RU1knkOkNEjpIYzZPpsvUuxzQi6v9A==
expires: Wed, 19 Apr 2023 01:52:33 GMT

GET
H2 200 id Show response
smetrics.cox.com/ 48 B
456 B 335ms
20ms XHR
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.cox.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&mid=09397608975302973382102353724866173493&ts=1680308965243

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b30b798e511ce7eff91dd8b1d8f31a57ff72d48a324ab254fdbb27ea7ddd76ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://barleflorian.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
target.cox.com/rest/v1/ 360 B
856 B 421ms
40ms XHR
application/json 34.243.128.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.cox.com/rest/v1/delivery?client=coxcommunications&sessionId=24d40fbd58524050bb3ba227f8dfdf90&version=2.10.0

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.128.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-128-137.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6f0318cf06ef561873c3f173634ba6f3000c827cadb5a062eb62e2545a4936b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://barleflorian.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 6b7ba3ecbbd60fad021a50773ee3df3b

GET
H2 200 utag.1090.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 5 KB
2 KB 27ms
26ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.1090.js?utv=ut4.46.202301121333
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8c6dc0240ff500fa2a39b69eff345cff306946f872b75c3baa29890342bbf16

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: FL32TDsk3uY67fWOjGNn8cJN0ytNpuuY
content-encoding: br
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:29:25 GMT
last-modified: Wed, 29 Mar 2023 15:41:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 165
x-amz-server-side-encryption: AES256
etag: W/"7a11e28c1f17a847b93d77c5d4c2e373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RJkwmcU2KWeX86f_PvGYs55lGNf126fsjNfkk84MgO2rdRwDdNKkuQ==

GET
H2 200 embed.js Show response
resources.digital-cloud.medallia.com/wdcus/190881/onsite/ 1 KB
808 B 118ms
25ms Script
application/javascript 146.75.121.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud.medallia.com/wdcus/190881/onsite/embed.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5a19d9670111354aaa611c7ba391037e476da11d1a8da20c4c0b359fdf84a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 249786
x-cache: HIT
content-length: 529
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Thu, 23 Mar 2023 12:42:21 GMT
x-timer: S1680308966.531840,VS0,VE1
etag: "c04c438f7aa6b688f61756602473f8a9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/14047/765302/ 197 KB
77 KB 89ms
28ms Script
text/javascript 108.138.17.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/14047/765302/di.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-90.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d48d00c53d675d25a77f6a4d7a11b870f54624e32e6957ec8152fe8ca6d362aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/000071852-1872C55D09D
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=5400
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: xvOzU58TH3zcaNoq8cKey4DdScryfV0pg7uqg-bHQAYoidU5k3mXTA==

GET
H2 200 92e83216e6ff6bdb0792d46f385ab5b7.js Show response
d.rageagainstthesoap.com/i/ 86 KB
32 KB 98ms
27ms Script
text/javascript 2600:9000:223c:9a00:7:4902:e200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.rageagainstthesoap.com/i/92e83216e6ff6bdb0792d46f385ab5b7.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9a00:7:4902:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 6632358c9504f0ee52faadc71e6511ff9e9abfae48aafc11bb30ae50e31868b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 21:08:33 GMT
content-encoding: gzip
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P2
age: 12289
etag: "15979-1ixPG3Mltdr2mFU/FeInOeKjxvA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 32090
x-amz-cf-id: yY1sq8fgSp608fo8NUMHttLtok_369tilfAUzuh1ItfAXF-BMzgoKA==
expires: Sat, 01 Apr 2023 09:04:36 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 26 KB
9 KB 68ms
27ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XP5ufGIMVAznk1F+pqtwzg==
age: 73241
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8618
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:31:51 GMT
server: cloudflare
etag: 0x8DB301F482ACD4D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cd84d4f9-a01e-0176-4c84-621a0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7bb4980f8cd-CDG

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
410 B 23ms
22ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cox/main/202303291539&cb=1680308965331
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sat, 01 Apr 2023 00:28:01 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 442
x-amz-server-side-encryption: AES256
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2
x-amz-cf-id: iIFM9y9KB3qisz_-dr5WDmcn-Ele9e4-35-elwjHl5C4xDaP1fHLHg==

GET
H2 200 cd74bace-f946-4c14-84d5-00ef971de734 Show response
brain.foresee.com/state/cox_communications/ 20 B
288 B 320ms
107ms XHR
application/json 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-189-214.compute-1.amazonaws.com

Software

Resource Hash

8923de470b0e49b233e56242f3388768dc538928ac3e171a5e6d34ff5b6a822b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:25 GMT
user-hash: f9afde5a75d3964344d22f57bcfcaf007d735e91
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
brain-server-version: 1.12.0
cache-control: private, no-cache, no-store, must-revalidate
app-info: brain 1.12.0
content-length: 20
x-xss-protection: 0
expires: -1

GET
H2 200 orgone-Obed-abhorrow-That-Safe-Yong-abroach-it-p Show response
www.cox.com/ Frame FBFA 208 KB
67 KB 41ms
40ms Script
text/javascript 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cox.com/orgone-Obed-abhorrow-That-Safe-Yong-abroach-it-p

Requested by

Host: www.cox.com
URL: https://www.cox.com/content/dam/cox/common/cookie-jar.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

bon /

Resource Hash

d3ea1d2be236fb0c6f31162fd3a0f3fbca4f87e7aa3492250c1ef6e7165ebc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.cox.com/content/dam/cox/common/cookie-jar.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: bon
x-cdn: Imperva
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 14-163523098-163523433 NNNN CT(3 5 0) RT(1680308963422 1380) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
server-timing: bon, total;dur=10.073101
content-length: 68243

GET
H2 200 _Incapsula_Resource Show response
www.cox.com/ Frame CBCD 7 KB
2 KB 18ms
18ms Document
text/html 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cox.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-163523098-0%200NNN%20RT%281680308963422%201346%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2811%2c47606%2c0%29%20U24&incident_id=1517000460287098728-765279407499447182&edet=12&cinfo=0b000000&rpinfo=0&cts=a2sO2PgGS2vKNZrVX8H6kWrnGEr8ajW1LRXgaU6yT%2fpawy1uH%2fw4lO0bEylymixV&mth=GET

Requested by

Host: www.cox.com
URL: https://www.cox.com/content/dam/cox/common/cookie-jar.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bb039c0d54070327b6adbc159fa6657124c0745cfe0cf11e1848d96b6122a864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cox.com/content/dam/cox/common/cookie-jar.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 2071
content-type: text/html
strict-transport-security: max-age=31536000
x-robots-tag: noindex

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 399 KB
124 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126961
x-xss-protection: 0
server: cafe
etag: 11043018428268230335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Mar 2024 22:26:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
66 B 112ms
60ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=barleflorian.com

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7f4899038d840214e5c4b086d84f9dbf8d8fc6aade24ae7326b62c0868636e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Sat, 01 Apr 2023 00:29:25 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame CBCD 850 B
692 B 35ms
35ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.cox.com
URL: https://www.cox.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-163523098-0%200NNN%20RT%281680308963422%201346%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2811%2c47606%2c0%29%20U24&incident_id=1517000460287098728-765279407499447182&edet=12&cinfo=0b000000&rpinfo=0&cts=a2sO2PgGS2vKNZrVX8H6kWrnGEr8ajW1LRXgaU6yT%2fpawy1uH%2fw4lO0bEylymixV&mth=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16066854168dba0d5b66929ee98cb0325d5f26f2bd48515220d65c130bb4d16d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.cox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 559
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 00:29:25 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame CBCD 411 KB
165 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76cd73d136711684a382feb832d651c907108ccb0a6fec971f08083f6ed1c953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cox.com/
Origin: https://www.cox.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167913
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:06:53 GMT

GET
H2 200 fs.storageupgrade.js Show response
gateway.foresee.com/code/19.13.1-fs/ 3 KB
1 KB 24ms
23ms Script
application/javascript 18.66.147.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.13.1-fs/fs.storageupgrade.js
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-25.fra60.r.cloudfront.net
Software: /
Resource Hash: d95592cd6359268fe02c317932a59feb612258fa518f4953a1823eff9576bb32

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 23:53:39 GMT
content-encoding: br
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 88546
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 05 Oct 2020 18:36:53 GMT
etag: W/"5af3678cfdf40bce2d01dd09cb26eb7f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GurOGmH3ED3x-7P_cPqKw1T9zW1aK15n0HOPNWraN7m5MDsNUywCNg==
expires: Thu, 27 Apr 2023 23:53:39 GMT

GET
H2 200 a8a82492-0c3a-47ff-bc3d-5d35a439fce5.json Show response
cdn.cookielaw.org/consent/a8a82492-0c3a-47ff-bc3d-5d35a439fce5/ 3 KB
2 KB 110ms
58ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a8a82492-0c3a-47ff-bc3d-5d35a439fce5/a8a82492-0c3a-47ff-bc3d-5d35a439fce5.json

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ffb651f8bff2c93c955931d3e7efc01703f73c90cb383b7f9bf4e36e553f181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: kPQgwUYxHWXTDxkirVkBYA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1406
x-ms-lease-status: unlocked
last-modified: Thu, 08 Dec 2022 20:32:26 GMT
server: cloudflare
etag: 0x8DAD95B52079C1A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c785f57c-c01e-0040-5362-63f108000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7bc2ac2f0af-CDG
expires: Sun, 02 Apr 2023 00:29:25 GMT

GET
H2 200 ct Show response
en.rageagainstthesoap.com/ 4 KB
2 KB 402ms
189ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/ct?id=27576&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1680308965852&hl=2&op=0&ag=1794641885&rand=236885228216170179756601711120969410913652096063028170022525132011287103120&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM5MjldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjExLFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFs3MSwic291cmNlVVJMPWUsdGhpcy5saW5lPW59ZnVuY3Rpb24gIl0sWyJjYiIsIjAsMCwwLDAsMCwxLDAsMCwwLDMsMCwwLDEzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOSJdLFstMSwiLSJdLFstMiwiNixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjUwNDAwMDAwLFwidWpoc1wiOjM5NjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjgwMzA4OTY1ODEzLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDMyMzIsMzIzMSwwLDAsMCwwLDgxLC0xLDAsLCw1MTM1LDUxMzUiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIjMyOTk3Mjg0NTJcIixcIjgyMjgyMzExOVwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU1LCIxIl0sWyJkZGIiLCIwLDYsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwxLDAsMCwwLDAsMSwwLDIsMjYsMCw0LDAsMCwwLDAsMCwwLDEsMCJdLFsiYm5jaCIsNzldLFsiYWJuY2giLDgwXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=xoYcgq3Y5b&pto=5173&ver=50&gac=-&mei=&ap=&duid=1.1680308965.TeyFhH4dnN4wG0um&suid=1.1680308965.mMcrRRi0NpxAJQlO&tuid=1.1680308965.kHKqIIxIKQVVgw8Q&fbc=-&gtm=W10%3D&it=65%2C4626%2C352&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f75c84c907eea06f97529cf6d90f52b88fe33d69ab3ee21f6819dd728de2bad3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1426
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7D7E 48 KB
26 KB 48ms
48ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuY294LmNvbTo0NDM.&hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=abr2qqsh744p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c91ebe96afe5533913d870be12431315831e23eba0620f5afe970373e0426d96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbBmlNs1ehB8nDaxs7hFwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27010
content-security-policy: script-src 'report-sample' 'nonce-tbBmlNs1ehB8nDaxs7hFwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 00:29:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 86ms
39ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7b0cb7bd8b873cbc-CDG
access-control-allow-headers: Content-Type

POST
H2 200 cd74bace-f946-4c14-84d5-00ef971de734 Show response
brain.foresee.com/state/cox_communications/ 372 B
640 B 111ms
111ms XHR
application/json 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-189-214.compute-1.amazonaws.com

Software

Resource Hash

487c6a15ced8b69cf035b301349323242b3f667764a91f92b3918e3c310b23ec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
user-hash: f9afde5a75d3964344d22f57bcfcaf007d735e91
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
brain-server-version: 1.12.0
cache-control: private, no-cache, no-store, must-revalidate
app-info: brain 1.12.0
content-length: 372
x-xss-protection: 0
expires: -1

OPTIONS
H2 204 cd74bace-f946-4c14-84d5-00ef971de734
brain.foresee.com/state/cox_communications/ Frame 0
0 98ms
98ms Preflight 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-189-214.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://barleflorian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 600
date: Sat, 01 Apr 2023 00:29:26 GMT
vary: Access-Control-Request-Headers

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 7D7E 55 KB
24 KB 76ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuY294LmNvbTo0NDM.&hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=abr2qqsh744p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 22:44:24 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 7D7E 411 KB
164 KB 89ms
38ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76cd73d136711684a382feb832d651c907108ccb0a6fec971f08083f6ed1c953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167913
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:06:53 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/ 383 KB
92 KB 27ms
27ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
age: 73240
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93485
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:03 GMT
server: cloudflare
etag: 0x8DADEA07933BD54
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8c0e5b9c-b01e-0029-29e1-5aaea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7bdda8df8cd-CDG

POST
H2 200 orgone-Obed-abhorrow-That-Safe-Yong-abroach-it-p Show response
www.cox.com/ Frame FBFA 811 B
908 B 41ms
40ms Fetch
application/json 45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cox.com/orgone-Obed-abhorrow-That-Safe-Yong-abroach-it-p?d=www.cox.com

Requested by

Host: www.cox.com
URL: https://www.cox.com/orgone-Obed-abhorrow-That-Safe-Yong-abroach-it-p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

bon /

Resource Hash

af837ae7b71351d6e975ebe52b34a81438de40b134de2c30ea245b5c1b79a57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json; charset=utf-8
Referer: https://www.cox.com/content/dam/cox/common/cookie-jar.html
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sat, 01 Apr 2023 00:29:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: bon
x-cdn: Imperva
content-type: application/json
access-control-allow-origin: *
x-iinfo: 14-163523098-163523433 PNYN RT(1680308963422 2060) q(0 0 0 -1) r(1 1) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=20.226983

POST
H2 200 events Show response
analytics.foresee.com/ingest/ 45 B
276 B 457ms
455ms XHR
application/json 52.1.244.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.foresee.com/ingest/events

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.244.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-244-191.compute-1.amazonaws.com

Software

nginx/1.23.2 /

Resource Hash

8eefa322436955a85812c082e3ed2399efd61cef81bf4e07d4bee01146e21e62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barleflorian.com/
Request-API-Version: 1.0.0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
server: nginx/1.23.2
brain-server-version: 1.9.2
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
cache-control: private, no-cache, no-store, must-revalidate
app-info: fsevents 1.9.2
content-length: 45
x-xss-protection: 0
expires: -1

OPTIONS
H2 200 events
analytics.foresee.com/ingest/ Frame 0
0 362ms
107ms Preflight 52.1.244.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.foresee.com/ingest/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.244.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-244-191.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-api-version
Access-Control-Request-Method: POST
Origin: https://barleflorian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin,Authorization,X-Requested-With,Accept,Access-Control-Allow-Origin,Request-API-Version,Content-Length,Content-Type
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Sat, 01 Apr 2023 00:29:26 GMT
server: nginx/1.23.2

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a8a82492-0c3a-47ff-bc3d-5d35a439fce5/0d93ad96-c84b-4ec9-a3d0-7d5e5dc470c2/ 94 KB
20 KB 52ms
52ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a8a82492-0c3a-47ff-bc3d-5d35a439fce5/0d93ad96-c84b-4ec9-a3d0-7d5e5dc470c2/en.json

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd5f3483269f61d45bf6ffc8abe8c15f37afff383a231269c2f4b38bcec20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: Py2W64sqIa+xhQzAZA4I5Q==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 20103
x-ms-lease-status: unlocked
last-modified: Thu, 08 Dec 2022 20:32:29 GMT
server: cloudflare
etag: 0x8DAD95B5369BBE1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e35ff428-301e-0099-1662-635724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7be3d6ef0af-CDG
expires: Sun, 02 Apr 2023 00:29:26 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 13 KB
3 KB 51ms
51ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otFlat.json

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: e46v9E9tm8neLGw2SIjXTA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:55 GMT
server: cloudflare
etag: 0x8DADEA0743223DD
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6d8b3e8b-101e-002f-6e62-6359dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7becdeff0af-CDG

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/ 62 KB
13 KB 55ms
53ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcTab.json

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5692dfa264970c3a29c0212caa5e80a55278a42dab62500d549eab68c552b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: sIDqWvczZEaSARhn3iqiZg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13321
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:57 GMT
server: cloudflare
etag: 0x8DADEA075C50AB0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 65b846c7-501e-010e-0762-6372b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7becdf2f0af-CDG

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 5 KB
2 KB 68ms
66ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCookieSettingsButton.json

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: mKXyB0i0e/ovyyYLJHrm7w==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:57 GMT
server: cloudflare
etag: 0x8DADEA07546ECE3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fd8a431a-301e-00bb-0262-633912000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7becdf4f0af-CDG

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 21 KB
4 KB 56ms
54ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a84774be-401e-017c-0362-630386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b0cb7becdf5f0af-CDG

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7D7E 102 B
134 B 49ms
41ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f3c76da4543257b29cbf4d10348fc0256ce83c2d6a2363d99fa8d69b8b8ca28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuY294LmNvbTo0NDM.&hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=abr2qqsh744p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 00:29:26 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
492 B 59ms
57ms Fetch
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:31:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a3115ddf-801e-010c-4262-637042000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b0cb7bfceb9f0af-CDG

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 37ms
36ms Image
image/png 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 73242
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:32:00 GMT
server: cloudflare
etag: 0x8DB301F4D375515
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 53754785-c01e-00c3-28bd-6251a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0cb7bffb5af8cd-CDG

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 00:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 73242
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:32:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3b7cb77f-201e-00a4-42bd-62e202000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b0cb7bffb5bf8cd-CDG

POST
H2 200 mon Show response
en.rageagainstthesoap.com/ 0
124 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/mon
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:26 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1064316744

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c78e74b2b71ebb8b80127e74bc408d52dcbf9ea4b97e2fcfcced7e4abc63879d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51682
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Apr 2023 00:29:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1064316744&l=dataLayer&cx=c

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92b7bb642d79fb4f787ad34e13f0cd5d3dc823a1d2d3191ae227b0aa66959041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51701
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Apr 2023 00:29:26 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 1084 40 KB
12 KB 109ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 01 Apr 2023 00:29:26 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E64EBD14E23E4293884EDBC9BF0128F9 Ref B: LTSEDGE1408 Ref C: 2023-04-01T00:29:26Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 tc_imp.gif
en.rageagainstthesoap.com/tracker/ 43 B
79 B 110ms
109ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.rageagainstthesoap.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362eec435e24e8c9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c16886a2117071a10acf9f29f671fd0d5dc042d361dff2d2357d269dd34cf563556259753540a3c075d94b76c1c77be26bb25cb43e2913bf05365a80c797a1bda53ec4ef4c3d6da39bb2807ff7ecaa8556d8e0e3143714493d60265f660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4958677a0d8db5ce8489d5c3872aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da0971532efd8fd72d904ac40b2871c971cc3cc2cc66b32c79c24db65c3d7e0a59df3f1477fe425b5bbfa214d26f9913f82be50eb0102419457459a8280d8cffb813ec53adb9db9c479e3733621963728929b9a426adcef65be0cf79a009f74a16b4f46588135a81bd6c0a23ff6c73ec05cbfdc929b77895a5560f11e4c022f123087ad23ec05f0fcc76ae59e25a5c3629a95eabe25d9fea74f617a8ff94e43cbf7511a42baace33eb63088f840fdbe7ff425f760d10a8b4ac5a22e99083bf6f9c3156366355d6e720805a0f3917ece10e1173d1f70adea0ba6cc0a06eca5cda6ae2e9effee9785e4acf34d533ff84e9aab5f6e825f781dd767416c6ff07fb36b1ac4ebdd7e8c60d54897b97888e1598b711d203e037a1b9cc3e4d3357d50847c10dca581c3b49e0d7b9af7ca7dd3926167ca9157653deb9bcb573fb6218d5f9c1aeb369d17c5956eabf85080c288acd80f139581671c906ab4c9f5f2428e6626171b956e4b50b2a35786ea11d4c2e3b315b4fecf4a755621d86aec0dcb47ae932bd664512b2a57616da31ed7933955a57d94f6b164a5901edd302af04f1e79c8b18e5448e470e99c448f45230a49bf323090ef8a39d95d3f869753fc9dcff5de07860149304ab12474409691104ee57fb4bcd327d196b052416efb29594876934803bdc0b04f039a34208fd4d20c&cri=xoYcgq3Y5b&ts=576&cb=1680308966428
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame BA8E 7 KB
1 KB 38ms
36ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

942c2363fc0cc1cce0b910a2ff7423648e33cf375ac57a059dbea8d10796a61d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tzTNWN8qMSNW6K58tay52A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1120
content-security-policy: script-src 'report-sample' 'nonce-tzTNWN8qMSNW6K58tay52A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 00:29:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064316744/ 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064316744/?random=1680308966497&cv=11&fst=1680308966497&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbf125e4784975787be2ff4cdbba5d2d87c2492eefa8b4b2a332f77c156e57a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1064316744/ 3 KB
2 KB 48ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1064316744/?random=1680308966516&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

df7b6da907b0b991873a1ba17af1b90b749bf6b051923487189ff4c9d9a32d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1582
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame BA8E 55 KB
24 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 22:44:24 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame BA8E 411 KB
164 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76cd73d136711684a382feb832d651c907108ccb0a6fec971f08083f6ed1c953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167913
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:06:53 GMT

GET
H2 204 199003413.js Show response
bat.bing.com/p/action/ Frame 1084 0
135 B 111ms
110ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/199003413.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 01 Apr 2023 00:29:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43862A0E36D4436EBF5D168FADB318D0 Ref B: LTSEDGE1408 Ref C: 2023-04-01T00:29:26Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 1084 0
286 B 41ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=199003413&Ver=2&mid=cf2c6b40-b46b-4e68-8ec7-8bb53c43860b&sid=42256c00d02411ed94efdf3733f14d2a&vid=4225dae0d02411edb20251e8a5e7bc54&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&r=&lt=30&evt=pageLoad&ifm=1&sv=1&rn=580134

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Apr 2023 00:29:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAC961D034134AEB862FCB90F0A4D284 Ref B: LTSEDGE1408 Ref C: 2023-04-01T00:29:26Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.fr/pagead/1p-conversion/1064316744/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarl...
https://www.google.com/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-adm...
https://www.google.fr/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admi...

42 B
64 B

38ms
38ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEltYW9RWVE4TV9EeVpfdXpZaFJFaVlBbHdBczRJSEtHMnZQNC01Zk1iUkg4NklUcUlsMXhwdXdsNldlbDEwUDdBTDVwY0NNZEEaWENoQUk4SW1hb1FZUWhLZUY1ckhyZ0lackVpNEFiNGdOTXVSVFNFS08yZ3ZhVDR5d1V1bzFrc016dWtfa2ZNdHIxOHllU2FCS3VhZjVSdDlIcnhUSFV4azQ&is_vtc=1&ocp_id=5nonZMT-ILqs9u8Ps6iB6A0&cid=CAQSKQDUE5ymXoDLIGm9I4gRG2lJ3Gu3ApQWPR7N6mO8eXIuopmpWK2z9M8E&random=4019195379&ipr=y&prhg=0

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fr/pagead/1p-conversion/1064316744/?random=493070337&cv=11&fst=1680308966516&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&label=aF0wCPPtkpMYEMjewPsD&hn=www.googleadservices.com&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&gtm_ee=1&auid=1616355195.1680308967&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEltYW9RWVE4TV9EeVpfdXpZaFJFaVlBbHdBczRJSEtHMnZQNC01Zk1iUkg4NklUcUlsMXhwdXdsNldlbDEwUDdBTDVwY0NNZEEaWENoQUk4SW1hb1FZUWhLZUY1ckhyZ0lackVpNEFiNGdOTXVSVFNFS08yZ3ZhVDR5d1V1bzFrc016dWtfa2ZNdHIxOHllU2FCS3VhZjVSdDlIcnhUSFV4azQ&is_vtc=1&ocp_id=5nonZMT-ILqs9u8Ps6iB6A0&cid=CAQSKQDUE5ymXoDLIGm9I4gRG2lJ3Gu3ApQWPR7N6mO8eXIuopmpWK2z9M8E&random=4019195379&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1064316744/ 42 B
64 B 39ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064316744/?random=1680308966497&cv=11&fst=1680307200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2420549530&rmt_tld=0&ipr=y

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/1064316744/ 42 B
108 B 40ms
36ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1064316744/?random=1680308966497&cv=11&fst=1680307200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&frm=0&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2420549530&rmt_tld=1&ipr=y

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cd74bace-f946-4c14-84d5-00ef971de734 Show response
brain.foresee.com/state/cox_communications/ 1 KB
2 KB 100ms
100ms XHR
application/json 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-189-214.compute-1.amazonaws.com

Software

Resource Hash

ec42ff20fb50dd89f8afbfddda6be868264cdea7e7aa1ae88b711d29cd8bfd1c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
user-hash: f9afde5a75d3964344d22f57bcfcaf007d735e91
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
brain-server-version: 1.12.0
cache-control: private, no-cache, no-store, must-revalidate
app-info: brain 1.12.0
content-length: 1317
x-xss-protection: 0
expires: -1

OPTIONS
H2 204 cd74bace-f946-4c14-84d5-00ef971de734
brain.foresee.com/state/cox_communications/ Frame 0
0 98ms
97ms Preflight 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-189-214.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://barleflorian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 600
date: Sat, 01 Apr 2023 00:29:26 GMT
vary: Access-Control-Request-Headers

GET
H/1.1 200
OK t.js Show response
dds6m601du5ji.cloudfront.net/vop/v2/ 3 KB
2 KB 22ms
22ms Script
application/javascript 108.138.7.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dds6m601du5ji.cloudfront.net/vop/v2/t.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-55.fra56.r.cloudfront.net

Software

Resource Hash

f7c20d02ef54341b1562afe8db32d1bc701bb7974db2ffc0a560097e3875c1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 10:17:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P6
Age: 396736
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 19 Mar 2023 13:43:46 GMT
ETag: W/"2603-1679233426000"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
X-Amz-Cf-Id: M4-K37cid1e-FENKQY7vhqcUWEqjaNqTUFl9o7E3Qg_EAxeFFVctfQ==

GET
H2 200 generic1679575339993.js Show response
resources.digital-cloud.medallia.com/wdcus/190881/onsite/ 400 KB
83 KB 27ms
26ms Script
application/javascript 146.75.121.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud.medallia.com/wdcus/190881/onsite/generic1679575339993.js

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13f207b9c8c2ed84ab67c072c9ed083cf244f2688c8b16dc6da8a84ff061a1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 308943
x-cache: HIT
content-length: 84832
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Thu, 23 Mar 2023 12:42:21 GMT
x-timer: S1680308967.768673,VS0,VE2
etag: "332bc417f73c87b936231320d9b0e7cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK 55a0768cf0 Show response
bam-cell.nr-data.net/1/ 49 B
483 B 112ms
112ms Script
text/javascript 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/55a0768cf0?a=810646484&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=6079&ck=1&ref=https://barleflorian.com/wp-admin/network/kaltoon/authen&be=4413&fe=6067&dc=5286&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1680308960680,%22n%22:0,%22r%22:1,%22re%22:3232,%22f%22:3232,%22dn%22:3232,%22dne%22:3232,%22c%22:3232,%22ce%22:3232,%22rq%22:3232,%22rp%22:3294,%22rpe%22:3313,%22dl%22:3296,%22di%22:4501,%22ds%22:5284,%22de%22:5287,%22dc%22:6067,%22l%22:6067,%22le%22:6074%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=5219&fcp=5219&jsonp=NREUM.setToken
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 00:29:26 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-cdg20731-CDG

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/ 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/?random=1680308966767&cv=9&fst=1680308966767&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d02b2d5d4e52b25cce4765289d93d4e3e6290d4c95835b9fdc0fac413481787a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 03827059-0812-4943-8f3b-b017db23bc6f
https://barleflorian.com/ 15 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://barleflorian.com/03827059-0812-4943-8f3b-b017db23bc6f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 201242fa9d0790c94f155d3e4dc2f62636c0ab5b4314a0d4ddce22b4fefb8ede

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 15657
Content-Type: application/javascript

GET
H2 200 j
s-vop.sundaysky.com/t/v1/ 0
319 B 361ms
113ms Image
text/plain 52.0.245.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&cb=339302867&udt.sku=%20&udt.bu=res%3Asign-in&udt.rampid=null&udt[cat]=%5B%5D&udt.segment=visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.245.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-245-167.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:27 GMT
x-content-type-options: nosniff
x-frame-options: DENY
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 1 Apr 2000 00:00:00 GMT

POST
H2 200 mon Show response
en.rageagainstthesoap.com/ 0
16 B 100ms
91ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/mon
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:26 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/1034109468/ 42 B
64 B 45ms
36ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1034109468/?random=1680308966767&cv=9&fst=1680307200000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&async=1&fmt=3&is_vtc=1&random=4111021805&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.fr/pagead/1p-user-list/1034109468/ 42 B
64 B 44ms
35ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/1034109468/?random=1680308966767&cv=9&fst=1680307200000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fbarleflorian.com%2Fwp-admin%2Fnetwork%2Fkaltoon%2Fauthen&tiba=Cox%20Login%20-%20Sign%20Into%20Your%20Cox%20Account&async=1&fmt=3&is_vtc=1&random=4111021805&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 162ms
99ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTQ2IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJDb3ggTG9naW4gLSBTaWduIEludG8gWW91ciBDb3ggQWNjb3VudCIsInBhZ2VfdXJsIjogImh0dHBzOi8vYmFybGVmbG9yaWFuLmNvbS93cC1hZG1pbi9uZXR3b3JrL2thbHRvb24vYXV0aGVuIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODAzMDg5NjY4NjIiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NzNhMzgxNWJmNDAzLTA4ODIwMzA3NTQxODJiLTYyM2I1NTU2LTFkNGMwMC0xODczYTM4MTVjMDllNiIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cyIsImFjY291bnRJZCI6IDE5MDg3OSwidXJsIjogImh0dHBzOi8vYmFybGVmbG9yaWFuLmNvbS93cC1hZG1pbi9uZXR3b3JrL2thbHRvb24vYXV0aGVuIiwid2Vic2l0ZUlkIjogMTkwODgxLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIxZjIzLWFkM2QtNmY5ZC1mYzcyLWVlMDMtYmEyZS03MzYwLWMxZTAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4MDMwODk2Njg1OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAyMDUyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40OS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40OS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjgwMzA4OTY2ODYyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://barleflorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-h5v1
date: Sat, 01 Apr 2023 00:29:26 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

POST
H2 200 cd74bace-f946-4c14-84d5-00ef971de734 Show response
brain.foresee.com/state/cox_communications/ 1 KB
2 KB 98ms
98ms XHR
application/json 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734

Requested by

Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-189-214.compute-1.amazonaws.com

Software

Resource Hash

c8c7b2da34110e5b414033c270d19748af274f3c295e4280a425f2a18063256f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 00:29:27 GMT
user-hash: f9afde5a75d3964344d22f57bcfcaf007d735e91
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
brain-server-version: 1.12.0
cache-control: private, no-cache, no-store, must-revalidate
app-info: brain 1.12.0
content-length: 1370
x-xss-protection: 0
expires: -1

OPTIONS
H2 204 cd74bace-f946-4c14-84d5-00ef971de734
brain.foresee.com/state/cox_communications/ Frame 0
0 98ms
97ms Preflight 34.193.189.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.foresee.com/state/cox_communications/cd74bace-f946-4c14-84d5-00ef971de734
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.189.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-189-214.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://barleflorian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 600
date: Sat, 01 Apr 2023 00:29:27 GMT
vary: Access-Control-Request-Headers

POST
H2 200 mon Show response
en.rageagainstthesoap.com/ 0
39 B 101ms
101ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/mon
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:27 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
en.rageagainstthesoap.com/ 0
16 B 110ms
109ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/mon
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:27 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
en.rageagainstthesoap.com/ 0
39 B 97ms
97ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://en.rageagainstthesoap.com/mon
Requested by: Host: barleflorian.com
URL: https://barleflorian.com/wp-admin/network/kaltoon/authen
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://barleflorian.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://barleflorian.com
date: Sat, 01 Apr 2023 00:29:29 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST mon
en.rageagainstthesoap.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: en.rageagainstthesoap.com
URL: https://en.rageagainstthesoap.com/mon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cox (Telecommunication)

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/14047/	1970-01-20 19:30:44	Name: da_lid Value: -3AC62E549A73EA13B977BB99F16E0A0F85\|0\|0\|0
.decibelinsight.net/i/14047/	1970-01-20 10:45:10	Name: da_sid Value: 09F51D678E33AE882C26AA13B36C400436\|3\|0\|3
barleflorian.com/	1970-01-20 10:45:16	Name: cazanova Value: qmlg9moc95oi24n4884n2nshdm64dfko
.cox.com/	1970-01-20 19:30:38	Name: visid_incap_2781768 Value: 9ITOPzloR8WzWiEODnXGfON6J2QAAAAAQUIPAAAAAACMGeodbZpXMO1ea9YWnKIP
.cox.com/	1969-12-31 23:59:59	Name: nlbi_2781768 Value: bxPcY1dLFiP4o2ISu5PrqQAAAADq/Mrw0KL9dKo1RcDDZRFR
.cox.com/	1969-12-31 23:59:59	Name: incap_ses_1517_2781768 Value: HPyKYQhbEguJPoSX4XcNFeN6J2QAAAAApQ+/18PVunPOpses+GBM9Q==
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: fe61acd3abb3ddd3
.barleflorian.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 15:04:20	Name: demdex Value: 09713322260839989722115954736324029747
.barleflorian.com/	1969-12-31 23:59:59	Name: AMCVS_8C6767C25245AD1A0A490D4C%40AdobeOrg Value: 1
.barleflorian.com/	1969-12-31 23:59:59	Name: ref_ses Value: https://barleflorian.com/wp-admin/network/kaltoon/authen
.barleflorian.com/	1970-01-20 20:21:08	Name: _4c_ Value: %7B%22_4c_mc_%22%3A%22cd74bace-f946-4c14-84d5-00ef971de734%22%7D
.cox.com/	1970-01-20 19:30:38	Name: visid_incap_1334424 Value: 6qVmH785RCK/pwD8SNb6xuR6J2QAAAAAQUIPAAAAAACeXRUZWCfjN6xMY16fc0G7
.cox.com/	1969-12-31 23:59:59	Name: incap_ses_1517_1334424 Value: sPgZFqfXdWFoP4SX4XcNFeR6J2QAAAAAZpaP5XWvVQqT2kQ2Wi1TVw==
.barleflorian.com/	1970-01-20 20:21:08	Name: AMCV_8C6767C25245AD1A0A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19449%7CMCMID%7C09397608975302973382102353724866173493%7CMCAAMLH-1680913765%7C6%7CMCAAMB-1680913765%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1680316165s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.barleflorian.com/	1970-01-20 20:21:08	Name: mbox Value: session#24d40fbd58524050bb3ba227f8dfdf90#1680310826\|PC#24d40fbd58524050bb3ba227f8dfdf90.37_0#1743553766
.barleflorian.com/	1970-01-20 10:45:10	Name: mboxEdgeCluster Value: 37
.boldchat.com/	1970-01-20 19:30:44	Name: bc-visitor-id Value: 801950397597933140=803088579612554970T226AECC321BFC182C8F01A9CE223BDF57C78EE01DC17F4D1F85120DCE2F2378ACB4E4E0678A871130ABEE6379E92650C27F2F6909AE51435F9D4AA066DE330AF
.boldchat.com/	1969-12-31 23:59:59	Name: bc-visit-id Value: 801950397597933140=803088579520632384TDF2D13441B2B82213DB13B8CF84FD7A10781BE897611D8B7E0B91B390B5E11F2070F9E9036F62761BB145C92E5CD5584A8852DD6E48D7371A1C89B216361087E
.barleflorian.com/	1970-01-20 12:56:32	Name: _cq_duid Value: 1.1680308965.TeyFhH4dnN4wG0um
.barleflorian.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1680308965.mMcrRRi0NpxAJQlO
.barleflorian.com/	1969-12-31 23:59:59	Name: _bcvm_vid_undefined Value: 803088579520632384TDF2D13441B2B82213DB13B8CF84FD7A10781BE897611D8B7E0B91B390B5E11F2070F9E9036F62761BB145C92E5CD5584A8852DD6E48D7371A1C89B216361087E
.barleflorian.com/	1970-01-20 19:30:44	Name: _bcvm_vrid_undefined Value: 803088579612554970T226AECC321BFC182C8F01A9CE223BDF57C78EE01DC17F4D1F85120DCE2F2378ACB4E4E0678A871130ABEE6379E92650C27F2F6909AE51435F9D4AA066DE330AF
.cox.com/	1969-12-31 23:59:59	Name: nlbi_1334424_2147483392 Value: 6EYfemN7yUAtri0i9DWdPgAAAABrIQ/JYMlI9iy84HOnyU4X
en.rageagainstthesoap.com/	1970-01-20 18:48:59	Name: cg_uuid Value: fbfe31961edceb2f8b5c641de932b97c
.barleflorian.com/	1970-01-20 12:54:44	Name: _gcl_au Value: 1.1.1616355195.1680308967
.barleflorian.com/	1970-01-20 10:46:35	Name: _uetsid Value: 42256c00d02411ed94efdf3733f14d2a
.barleflorian.com/	1970-01-20 20:06:44	Name: _uetvid Value: 4225dae0d02411edb20251e8a5e7bc54
.doubleclick.net/	1970-01-20 20:06:44	Name: IDE Value: AHWqTUlK7vsQITtAr4ofodkTvm9h3a91N28pjoCdkqV1rb0IWvJnwl1TfAsyi9au
.bing.com/	1970-01-20 20:06:44	Name: MUID Value: 30DC3FAF3847615C1BD72D49397F60C2
.barleflorian.com/	1970-01-20 19:30:44	Name: utag_main Value: v_id:01873a380fa20017e0b917a92bc903074003806c00b08$_sn:1$_se:3$_ss:0$_st:1680310766751$ses_id:1680308965282%3Bexp-session$_pn:1%3Bexp-session$offer_origin:coxcom%3Bexp-session$vapi_domain:barleflorian.com
.barleflorian.com/	1970-01-20 10:55:13	Name: mpt_rate_comparator_50031 Value: 38.07145125777585\|1682900966775
.barleflorian.com/	1970-01-20 10:55:13	Name: mpt_vid Value: 168030896677638912\|1743380966776
.barleflorian.com/	1970-01-20 10:45:10	Name: mpt_recording_to_buffer_50031 Value: 1\|session_timeout
.barleflorian.com/	1970-01-20 10:45:10	Name: mpt_conditional_import_50031 Value: 1\|session_timeout
.barleflorian.com/	1970-01-20 10:45:10	Name: mpt_tracking_active_50031 Value: 1\|session_timeout
barleflorian.com/	1970-01-20 19:30:44	Name: mdLogger Value: false
barleflorian.com/	1970-01-20 19:30:44	Name: kampyle_userid Value: 1f23-ad3d-6f9d-fc72-ee03-ba2e-7360-c1e0
barleflorian.com/	1970-01-20 19:30:44	Name: kampyleUserSession Value: 1680308966858
barleflorian.com/	1970-01-20 19:30:44	Name: kampyleUserSessionsCount Value: 1
barleflorian.com/	1970-01-20 19:30:44	Name: kampyleSessionPageCounter Value: 1
.barleflorian.com/	1970-01-20 10:45:10	Name: da_sid Value: 09F51D678E33AE882C26AA13B36C400436\|3\|0\|3
.barleflorian.com/	1970-01-20 19:30:44	Name: da_lid Value: 3AC62E549A73EA13B977BB99F16E0A0F85\|0\|0\|0
.barleflorian.com/	1970-01-20 10:45:10	Name: da_intState Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://barleflorian.com/wp-admin/network/kaltoon/authen(Line 448) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://barleflorian.com/wp-admin/network/kaltoon/authen(Line 448) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://barleflorian.com/u-But-can-To-farry-of-sure-And-againe-Rosse-You- Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vms.boldchat.com/aid/807690351445127928/bc.evi?script=true&&blur=false&vm=true&poll=65000&swidth=1500&sheight=1000&sdpi=192&pve=802580327489579452T4E2B6A15A0D7F7C3A6DD80A3AABE3E5575CF995F4006B9BF3B8BCB3DFAF24641C55C8EADA3656B3A4DEE93DF22C55051246DC2F4BCC2392AA3617EFAFB5550DD&url=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2Fsignin.html%3Fonsuccess%3Dhttps%253A%252F%252Fwww.cox.com%252Fwebapi%252Fcdncache%252Fcookieset%253Fresource%253Dhttps%253A%252F%252Fwww.cox.com%252Fresaccount%252Fhome.cox&referrer=https%3A%2F%2Fwww.cox.com%2Fcontent%2Fdam%2Fcox%2Fokta%2F&wdid=801950397597933140&pvid=802580327489579452T4E2B6A15A0D7F7C3A6DD80A3AABE3E5575CF995F4006B9BF3B8BCB3DFAF24641C55C8EADA3656B3A4DEE93DF22C55051246DC2F4BCC2392AA3617EFAFB5550DD&1629483773078&tabIdentifier=3000913361800367778&extendedInfo_siteID=N%2FA&extendedInfo_easyPay=N%2FA&extendedInfo_flowName=N%2FA&extendedInfo_flowProgram=N%2FA&_bcvm_vrid_=true&_bcvm_vid_801950397597933140=1629483773022S802580318706451097TA6E067B96339CC9868A8C8891F887386B74B570D2550E93E82593E2182A2CE5E070B36A3350A8C8ED3A6B228725A11C6CA9D965F70ABB7800F8E5609DB735CA6&_bcvm_vrid_801950397597933140=1629483773022S802580318561279914T5273FB1BF80AE309795C5180F1802A103B18BCB9F5703F6247E712DE18A00497AC2C30656AE8A9C23EE8EF9106F94F56469827B20570E4CF93B37C58B36BF457& Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
analytics.foresee.com
api.ipify.org
bam-cell.nr-data.net
barleflorian.com
bat.bing.com
brain.foresee.com
cdn.cookielaw.org
cdn.decibelinsight.net
collector-8132.tvsquared.com
d.rageagainstthesoap.com
dds6m601du5ji.cloudfront.net
dpm.demdex.net
en.rageagainstthesoap.com
f8fbae65ef7bb3203c5b5633660587c4.safeframe.googlesyndication.com
gateway.foresee.com
geolocation.onetrust.com
global.oktacdn.com
googleads.g.doubleclick.net
images.boldchat.com
js-agent.newrelic.com
resources.digital-cloud.medallia.com
s-vop.sundaysky.com
securepubads.g.doubleclick.net
smetrics.cox.com
solutions.invocacdn.com
tags.tiqcdn.com
target.cox.com
udc-neb.kampyle.com
vms.boldchat.com
vmss.boldchat.com
vt.myvisualiq.net
webcdn.cox.com
webcdn1.cox.com
webcdn2.cox.com
webcdn3.cox.com
webcdn4.cox.com
www.cox.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
en.rageagainstthesoap.com
108.138.17.90
108.138.7.55
109.238.12.156
13.224.189.10
142.250.186.98
146.75.121.230
15.236.117.205
151.101.66.137
162.247.243.30
18.66.112.77
18.66.147.25
18.66.147.97
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:223c:9a00:7:4902:e200:93a1
2600:9000:223e:8400:7:2bfb:7c00:93a1
2606:4700:4400::6812:2b9e
2606:4700::6813:bc61
2620:1ec:c11::200
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
3.13.67.214
34.193.189.214
34.243.128.137
35.241.45.82
44.239.247.221
45.60.47.167
52.0.245.167
52.1.244.191
52.210.192.50
52.41.47.191
54.69.177.37
64.185.227.155
05a1965e7f939573198b93432d9a480bf53cc95c2943fe7747e2780cf11e68b5
07ab2e18097fca2d3e5d3a1dfa5fa9d9cb21e121921b538ccac510b388585aba
08f5b9afd31610820f2626c17f1e36f8ef32997e3df0fb24362b5188412d8b03
112b480a5bb4594432c1b4005dc2263854e923e9e2d47a6e6d2a8473666c688c
135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c
13f207b9c8c2ed84ab67c072c9ed083cf244f2688c8b16dc6da8a84ff061a1fc
16066854168dba0d5b66929ee98cb0325d5f26f2bd48515220d65c130bb4d16d
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e9a40f7db4a20f42c15bd1f5a79fdb81b9e9d66a7d998bc17f8087c71567c31
1f74196f36a29e9aa43101a63f39ec5f1c602221d5541c4ab41cecb494075784
201242fa9d0790c94f155d3e4dc2f62636c0ab5b4314a0d4ddce22b4fefb8ede
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
259bbafa8c88a58d94bc316b2526ada978c89524095e2ee3bab1eff2df72d425
27a81e21c36e49e0765d52bb8da4987591abbe2533484c548a78c07391c84dc8
2eefd5f3483269f61d45bf6ffc8abe8c15f37afff383a231269c2f4b38bcec20
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
3a9e18826005dfbd44349c127e7273090024696514326903656385e31da952a7
3ce632f5db71a941a7cf8b3098bd6c46622f07322ef5c123dc1e3217c06f56b3
3f3619e57fd3b8e3ad141728c9f5c7389459d3b75234e287dafdd113d93cd16d
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
45d8f5268bf3362d5ab1a0bc538871b0766a909f6805a97bd6c3533999bc73a4
487c6a15ced8b69cf035b301349323242b3f667764a91f92b3918e3c310b23ec
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4b8d92dc2fbff0a66d984fc9c7df2f26a5949a53fe9b79b13435f0bbe4630ef3
4cd0836620180c3c30a1e499adf6aab783126a2ba6435a112060506529ff22c9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e3c74cf0301c593d1a5f7465b14bae74aac0bea40a22a8bf6223f2154367e2c
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
606dc1926901de3cf855ff2a2d3dd19adbdc9130a0f214b621aafa2e99cf71e2
607cc3cde28043c24d7156ccb5cb414527e303174807dd6267f79535964cb75a
65176c2bc37774e49c65f8ed6dbcb8a1af4329dc2c39b3744cb43f4342a67a02
6632358c9504f0ee52faadc71e6511ff9e9abfae48aafc11bb30ae50e31868b0
68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d7f4b90397af891e478fa30d5a6d5f65ea7dff706a9983e519c3aae28b3f2fd
6f0318cf06ef561873c3f173634ba6f3000c827cadb5a062eb62e2545a4936b0
74fd06e6cdf2d85a0fb9ca9473dac087121fe71a0adbd9e3d55495e19b17dee6
76cd73d136711684a382feb832d651c907108ccb0a6fec971f08083f6ed1c953
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
831bd6ebe00e91fdcb3c46b4d7b62d92c4f83d7c02dae454367829ff7482a706
871f0d427f26a09f48d2c5475340e23c94e27a6b1a1f8a97e856c792b1a8aa9d
8923de470b0e49b233e56242f3388768dc538928ac3e171a5e6d34ff5b6a822b
89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6
8caaffc34425d831509195514dfdfd45042c712e3a02bcbb2f650380283fa9fe
8ce4aa1f17e51d38e974cc612e7945c04c3a1a50ec9fa0afd46637780afdd4b0
8eefa322436955a85812c082e3ed2399efd61cef81bf4e07d4bee01146e21e62
8ffb651f8bff2c93c955931d3e7efc01703f73c90cb383b7f9bf4e36e553f181
91262e6f00d6a45a34556b1da99a88e2e7dfac02ea8107ddf940d3746d6e4627
927c81b30ded08e9c2dfda6761f718d5341d8c0da01dadefb45e47f346491c28
92b7bb642d79fb4f787ad34e13f0cd5d3dc823a1d2d3191ae227b0aa66959041
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
942c2363fc0cc1cce0b910a2ff7423648e33cf375ac57a059dbea8d10796a61d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a3e89342eb567c2622728c82149043af4a80de3693f8a50e15b75a700866ece
9aa53ced8e5c2586773a4b86516aedd8c55a7593201b556cdbaec0cb4e437092
9ad981a1136d20c3b22b5e65fff90f60e8062b6698cd2d6e3aa60ef13b0a9221
9c2eb6be371145e1031885d217b4a5a1002544511ba59716e4fca2d236cc13a2
9f3c76da4543257b29cbf4d10348fc0256ce83c2d6a2363d99fa8d69b8b8ca28
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a265a6ed67f405f4896ed8aedfabf47025adf8c8af5f53131cb573cd89cb8ae0
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a19d9670111354aaa611c7ba391037e476da11d1a8da20c4c0b359fdf84a0f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
af837ae7b71351d6e975ebe52b34a81438de40b134de2c30ea245b5c1b79a57b
b005acc4897aef46323fa78290cfb4b7e64157b42b85934ccf7344389fb9f117
b30b798e511ce7eff91dd8b1d8f31a57ff72d48a324ab254fdbb27ea7ddd76ff
b8c6dc0240ff500fa2a39b69eff345cff306946f872b75c3baa29890342bbf16
bb039c0d54070327b6adbc159fa6657124c0745cfe0cf11e1848d96b6122a864
bbf125e4784975787be2ff4cdbba5d2d87c2492eefa8b4b2a332f77c156e57a4
c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3
c4e3460c06318c97454b60e5020707920e7ca781b7006b82613eabc847385b3a
c60597f209c55d7873e66a7b44362d0768b707eef1cca372f2e077ada145d28b
c78e74b2b71ebb8b80127e74bc408d52dcbf9ea4b97e2fcfcced7e4abc63879d
c8c7b2da34110e5b414033c270d19748af274f3c295e4280a425f2a18063256f
c91ebe96afe5533913d870be12431315831e23eba0620f5afe970373e0426d96
cca13a043d768c596be1f3e6410e2fc05872542c9cdca6485d19584b2a0aae1c
d02b2d5d4e52b25cce4765289d93d4e3e6290d4c95835b9fdc0fac413481787a
d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f
d3ea1d2be236fb0c6f31162fd3a0f3fbca4f87e7aa3492250c1ef6e7165ebc26
d48d00c53d675d25a77f6a4d7a11b870f54624e32e6957ec8152fe8ca6d362aa
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175
d95592cd6359268fe02c317932a59feb612258fa518f4953a1823eff9576bb32
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de1eadaedfd3a27ad7fcfaa9a1a3f1ef4f0745a620bd03d26f78c0911c43b91a
df7b6da907b0b991873a1ba17af1b90b749bf6b051923487189ff4c9d9a32d3c
e39fe1ec2b40705c14b26e49f797782a33e8f5907f21b15b091c38c367b92560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5647edf02795dbd3d4fb9f5c38e1ffefa0d563c31c9cc060db7320e28bf9844
e5692dfa264970c3a29c0212caa5e80a55278a42dab62500d549eab68c552b62
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
ec42ff20fb50dd89f8afbfddda6be868264cdea7e7aa1ae88b711d29cd8bfd1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d241c0a328576f58bdae116b5a40b4346a6cfab6844f000475c784f1e66bf2
f31757c96cb6347cedcc4c94917df7abde19c758d6a480df221a0a7765856b4a
f559ee7f966b60e1a148498a4ef228994aca5e23305567398aeced2bcbcfa4d0
f75c84c907eea06f97529cf6d90f52b88fe33d69ab3ee21f6819dd728de2bad3
f7c20d02ef54341b1562afe8db32d1bc701bb7974db2ffc0a560097e3875c1be
f7f4899038d840214e5c4b086d84f9dbf8d8fc6aade24ae7326b62c0868636e4
f9fbaa2d8a04926b60d9b457b41bf7c33388dc09b19061002195df1972f813e7
ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

barleflorian.com Open in urlscan Pro 109.238.12.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

90 %HTTPS

40 %IPv6

31 Domains

45 Subdomains

41 IPs

4 Countries

2616 kBTransfer

8795 kBSize

44 Cookies

9 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

barleflorian.com Open in urlscan Pro
109.238.12.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

90 %
HTTPS

40 %
IPv6

31
Domains

45
Subdomains

41
IPs

4
Countries

2616 kB
Transfer

8795 kB
Size

44
Cookies

135 HTTP transactions
-1 data transactions