www.bridewell.com Open in urlscan Pro
2620:1ec:46::64  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4499777%26time%3D1714453779689%26url%3Dhttps%253A%252F%252Fwww.bridewell.com%252Finsights%252Fblogs%252Fdetail%252Fclearfake-campaign%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true&liSync=true HTTP 0
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true&liSync=true&e_ipv6=AQKZ9LXnrr_UCwAAAY8taJkbVVXwHceUYVIlPoPU3pymq1fKwslxBhpD1P1Ql_FwhcQn9dky7rF1

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
22 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request clearfake-campaign Show response www.bridewell.com/insights/blogs/detail/	92 KB 28 KB	1923ms 1801ms	Document text/html	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 528df3390f76643b3c3a455f55be61651eb8cb5dd24abeabd3e344803faff9fe Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-expose-headers Request-Context cache-control no-cache content-encoding gzip content-length 25821 content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; content-type text/html; charset=utf-8 date Tue, 30 Apr 2024 05:09:39 GMT expires -1 pragma no-cache referrer-policy no-referrer-when-downgrade request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-azure-ref 20240430T050937Z-17859dc676bcxgd98xd7z11vh40000000620000000014qnv x-cache CONFIG_NOCACHE x-content-type-options nosniff x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 1; mode=block
GET H2	200	main.css www.bridewell.com/ResourcePackages/BridewellConsulting/assets/bundles/	547 KB 161 KB	109ms 108ms	Stylesheet text/css	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/bundles/main.css?v=721JdsrX0dfDROHQWkXmZfFzs4wUabjq6PxxlyTjt7I1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ed4e33f0b980842c15bb5cf1182ca550594718edb249e58f7333246e9ed9c286 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-cache CONFIG_NOCACHE x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Tue, 30 Apr 2024 05:09:39 GMT vary User-Agent,Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qua access-control-expose-headers Request-Context cache-control public, max-age=31536000 expires Wed, 30 Apr 2025 05:09:39 GMT
GET H2	200	118800.js Show response scripts.iconnode.com/	49 KB 8 KB	71ms 21ms	Script application/javascript	18.245.60.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://scripts.iconnode.com/118800.js Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.60.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-60-90.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00b0f14888a69cb8331e436d368e629de2426c18ce8ff0e774218b6b6db2f31e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 06:24:38 GMT content-encoding gzip via 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront) x-amz-version-id 3h.K.TlARfI2L8l1Kwl7qO0qqJTwUfTO x-amz-cf-pop FRA60-P5 age 81902 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 8105 last-modified Fri, 19 Jan 2024 09:54:49 GMT server AmazonS3 etag "f1f2ff624d6ec0ae00cbffc8fe1f45f9" content-type application/javascript cache-control max-age=0 accept-ranges bytes x-amz-cf-id iEbWxwgJD6W2doGuRcCyh3cqNXpWJbzbzM3f2tBeViaURXgn5-456A==
GET H2	200	bridewell.svg media.bridewell.com/web/images/default-source/logos/	4 KB 2 KB	90ms 26ms	Image image/svg+xml	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/logos/bridewell.svg?sfvrsn=18fdfb6b_13 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash da934e88740662fda56d13a6d0a8dcda285681d5ba9e20bae3f764d48658b2d7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 553f841a-3772-4d4a-bd82-a223bc7f0e57 content-encoding br last-modified Mon, 12 Dec 2022 15:32:36 GMT vary Accept-Encoding x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014quh content-type image/svg+xml x-ms-request-id e73b06c6-201e-0001-6bbc-9af855000000 cache-control public, max-age=7776000 x-cache TCP_HIT x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 x-cache-info L1_T2
GET H2	200	1920-x-500-clearfake.jpg media.bridewell.com/web/images/default-source/default-album/	89 KB 89 KB	211ms 146ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/1920-x-500-clearfake.jpg?sfvrsn=f13e3f1c_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 565dced4726cfd89a85a4e2232700796f6dfa619754723108191251006964a57 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 9948678a-e1b3-462e-a7a0-51f4b50fd8f5 last-modified Mon, 22 Jan 2024 15:37:35 GMT etag 0x8DC1B600E6EA6AD x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qug x-cache TCP_MISS content-type image/jpeg x-ms-request-id 1fcb090f-d01e-0016-5fbc-9a9979000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 90635
GET H2	200	figure-1-diamond-model-depicting-clearfake-capabilities-and-infrastructure.-.jpg media.bridewell.com/web/images/default-source/default-album/	89 KB 90 KB	138ms 138ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-1-diamond-model-depicting-clearfake-capabilities-and-infrastructure.-.jpg?sfvrsn=fa5c5ef6_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8fd7be73f3b85b2b3e19109148c1af97c581ba1309175a06caceeb0aa1a9d156 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 833321f5-b373-4ca0-ba4f-3e01f8e32c98 last-modified Fri, 19 Jan 2024 10:28:05 GMT etag 0x8DC18D952D5FA74 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qur x-cache TCP_MISS content-type image/jpeg x-ms-request-id 5c7bcd13-801e-004f-73bc-9a8959000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 91194
GET H2	200	figure-2-the-clearfake-infection-chain-as-observed-by-the-bridewell-cti-team.-.jpg media.bridewell.com/web/images/default-source/default-album/	68 KB 69 KB	170ms 165ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-2-the-clearfake-infection-chain-as-observed-by-the-bridewell-cti-team.-.jpg?sfvrsn=235db3a7_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c9e49330ce330fbc0bff4fd137a3076121387e53d8b5ab0e881036adf6df3bae Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 3dae0d37-1713-409c-9bcf-1412b7dcedd9 last-modified Fri, 19 Jan 2024 10:29:25 GMT etag 0x8DC18D9822F0C30 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv8 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 8580a72a-701e-0048-33bc-9a5857000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 69753
GET H2	200	figure-3---clearfake-js-payload.jpg media.bridewell.com/web/images/default-source/default-album/	45 KB 45 KB	170ms 165ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-3---clearfake-js-payload.jpg?sfvrsn=6efac7a_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9f63c3e5c9db30ed8b1432434b75957c4e53f8a87e1cf15e6af87edd2243350d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 7e3cf21f-763b-4619-b0b3-c4ef13bab773 last-modified Fri, 19 Jan 2024 10:30:57 GMT etag 0x8DC18D9B98C46E0 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv9 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 046352d8-801e-001b-7ebc-9a4662000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 46143
GET H2	200	figure-4---malicious-js-.jpg media.bridewell.com/web/images/default-source/default-album/	63 KB 63 KB	156ms 152ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-4---malicious-js-.jpg?sfvrsn=239809e9_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 05d99caba40e4d5e695fc5f9c530c6f582f4aee6f6cfa828253b89783422f928 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 6208e1cc-af3c-4396-8d0b-849d74779c1d last-modified Fri, 19 Jan 2024 10:32:03 GMT etag 0x8DC18D9E0CEE0AF x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qvc x-cache TCP_MISS content-type image/jpeg x-ms-request-id 253073f1-201e-003d-6dbc-9a2d5d000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 64530
GET H2	200	figure-5-javascript-connection-to-malicious-infrastructure-observed-in-chrome.-.jpg media.bridewell.com/web/images/default-source/default-album/	108 KB 109 KB	175ms 171ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-5-javascript-connection-to-malicious-infrastructure-observed-in-chrome.-.jpg?sfvrsn=fd71d31d_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash eace4b797a80b7837c19ac832fc294ee59e934b988867d305ae5fa707ad4637b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 8b890150-1e24-4be5-98ff-e6730aeff39e last-modified Fri, 19 Jan 2024 10:38:39 GMT etag 0x8DC18DACC6B1DDC x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qvd x-cache TCP_MISS content-type image/jpeg x-ms-request-id 73b8d27e-b01e-002c-62bc-9ab67d000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 110831
GET H2	200	figure-6-base64-encoded-javascript-used-to-communicate-with-the-binance-smartchain-.jpg media.bridewell.com/web/images/default-source/default-album/	63 KB 64 KB	110ms 110ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-6-base64-encoded-javascript-used-to-communicate-with-the-binance-smartchain-.jpg?sfvrsn=54b9c0fa_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 498b81c22840af5ffca124953f6725210194065274183e7f458517718d7d7043 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 08d7966f-dab9-4e4d-8bfc-b373ced32c21 last-modified Fri, 19 Jan 2024 10:39:22 GMT etag 0x8DC18DAE6596284 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qvp x-cache TCP_MISS content-type image/jpeg x-ms-request-id 4499d03d-501e-0032-52bc-9aa442000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 64822
GET H2	200	figure-7-the-base64-string-decoded.-.jpg media.bridewell.com/web/images/default-source/default-album/	97 KB 97 KB	124ms 124ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-7-the-base64-string-decoded.-.jpg?sfvrsn=c985147f_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8cb748bd520f1bb735acd19c49139cad04bf2f7c95063d22f1d4d4160d997852 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 7580bdc9-3f5f-4f1d-ac28-31ad5b26b501 last-modified Fri, 19 Jan 2024 10:40:02 GMT etag 0x8DC18DAFE600C9B x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw3 x-cache TCP_MISS content-type image/jpeg x-ms-request-id c13a63d3-c01e-004b-77bc-9a2551000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 99275
GET H2	200	figure-8-malicious-domains-involved-with-the-execution-of-clearfake.-.jpg media.bridewell.com/web/images/default-source/default-album/	39 KB 39 KB	147ms 146ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-8-malicious-domains-involved-with-the-execution-of-clearfake.-.jpg?sfvrsn=a791d28_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d12e4a3a4d0705bc7c0c6c374a2740482e3fea216e22ebf70f5f2f304c22f8b1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 8783cfe2-fb79-43be-b4d0-ec42dda278ba last-modified Fri, 19 Jan 2024 10:40:45 GMT etag 0x8DC18DB17E0F5FF x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw4 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 1e16e269-201e-0045-06bc-9a874c000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 39815
GET H2	200	figure-9-dropbox-url-within-virustotal.-.jpg media.bridewell.com/web/images/default-source/default-album/	53 KB 53 KB	168ms 168ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-9-dropbox-url-within-virustotal.-.jpg?sfvrsn=ef89076e_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a5fe6770e50f18e054dae6471a3cd06ff1bcdaa02ce22cd9cf5b52dd22004ee Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 6c335ddf-8f95-4176-a906-9477b8fc093c last-modified Fri, 19 Jan 2024 10:41:31 GMT etag 0x8DC18DB33001E75 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw5 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 534d54fd-201e-0055-53bc-9a376e000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 54221
GET H2	200	figure-10-mitre-attack-ttps-for-clearfake-loader-malware-.jpg media.bridewell.com/web/images/default-source/default-album/	83 KB 84 KB	133ms 133ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-10-mitre-attack-ttps-for-clearfake-loader-malware-.jpg?sfvrsn=f3edaf4f_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a9587149db08c240c18b475dde8af5f46b68b33fd5c4a2e97debb7a980e0d395 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 1f53273d-da34-43f2-b1e7-ab8ef7226fff last-modified Fri, 19 Jan 2024 10:43:06 GMT etag 0x8DC18DB6BD3C4C6 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw6 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 8c6649b1-a01e-0035-04bc-9a754c000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 85440
GET H2	200	figure-11-the-clearfake-loader-conducts-enumeration-of-local-accounts.-.jpg media.bridewell.com/web/images/default-source/default-album/	61 KB 61 KB	162ms 162ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-11-the-clearfake-loader-conducts-enumeration-of-local-accounts.-.jpg?sfvrsn=b4ecedc_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash be5776fa0567c6ccabf1e8eb3241004ed84ad160b1ba9b0e9acfb45c60326a8e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 11a88668-cdd5-4a84-8f96-9546a545a972 last-modified Fri, 19 Jan 2024 10:43:44 GMT etag 0x8DC18DB82B0B88B x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw7 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 7db398ff-301e-004c-3dbc-9af45f000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 62479
GET H2	200	figure-12.jpg media.bridewell.com/web/images/default-source/default-album/	9 KB 9 KB	128ms 128ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-12.jpg?sfvrsn=78b255a_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1280af11aa914efc1ea32063d2ca7539597bc0283df4619bfdb9bc72f49d745d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid c5cb2a77-07c7-4b24-90d5-f5177619c91d last-modified Tue, 23 Jan 2024 09:38:18 GMT etag 0x8DC1BF70806183B x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qw9 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 7db39909-301e-004c-43bc-9af45f000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 8769
GET H2	200	figure-13-base64-encoded-powershell-allows-an-attacker-to-more-easily-evade-detection.-.jpg media.bridewell.com/web/images/default-source/default-album/	29 KB 30 KB	130ms 130ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-13-base64-encoded-powershell-allows-an-attacker-to-more-easily-evade-detection.-.jpg?sfvrsn=686c545a_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b726b529e1c1fdd51c3de9f6904c5d722591df7429ac296423cc92af9c52a7e1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 814ce3e7-7bb1-41c4-988f-0b5b90a60b5e last-modified Fri, 19 Jan 2024 10:46:29 GMT etag 0x8DC18DBE480627D x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qwt x-cache TCP_MISS content-type image/jpeg x-ms-request-id 25ae44e7-d01e-0052-49bc-9ae660000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 29875
GET H2	200	figure-14-the-clearfake-malware-loader-conducts-sandbox-evasion-techniques-using-wmi.-.jpg media.bridewell.com/web/images/default-source/default-album/	24 KB 25 KB	137ms 137ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-14-the-clearfake-malware-loader-conducts-sandbox-evasion-techniques-using-wmi.-.jpg?sfvrsn=ec6a1028_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 078bf252d117be9dc0558dfde1104a034b08ed12a8ff21de7a38f1a1b8d7569f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid b8953074-86aa-4466-b406-7900f9c9bec0 last-modified Fri, 19 Jan 2024 10:47:10 GMT etag 0x8DC18DBFD1E0E1E x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qww x-cache TCP_MISS content-type image/jpeg x-ms-request-id b1ddb212-001e-0047-51bc-9ad148000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 24843
GET H2	200	figure-15-the-clearfake-loader-malware-was-identified-conducting-wmi-queries-to-evade-sandbox-tools.-.jpg media.bridewell.com/web/images/default-source/default-album/	34 KB 35 KB	96ms 96ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-15-the-clearfake-loader-malware-was-identified-conducting-wmi-queries-to-evade-sandbox-tools.-.jpg?sfvrsn=d7f49b4f_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c3a8e4a4d6d941dd2ec39d49a6957c554eed1710a738992a18a28ded2c7cb717 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 3830c66d-677f-4991-8296-1ccd3ac8f925 last-modified Fri, 19 Jan 2024 10:47:50 GMT etag 0x8DC18DC14E3E8ED x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qwx x-cache TCP_MISS content-type image/jpeg x-ms-request-id 59b11337-701e-0020-7cbc-9a4264000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 34920
GET H2	200	figure-16-the-bridewell-cti-team-conducted-research-into-this-sandbox-evasion-technique.-.jpg media.bridewell.com/web/images/default-source/default-album/	148 KB 149 KB	142ms 142ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-16-the-bridewell-cti-team-conducted-research-into-this-sandbox-evasion-technique.-.jpg?sfvrsn=83e81cac_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 50596dc7792aae8441be908ca5cb3c7e324dea6077d22d6e41b7bd622191377d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid e56684fc-8137-4885-9c18-06a26ffd22dc last-modified Fri, 19 Jan 2024 10:49:06 GMT etag 0x8DC18DC42A6A977 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qwy x-cache TCP_MISS content-type image/jpeg x-ms-request-id 56f2db8a-d01e-0052-6cbc-9ae660000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 151798
GET H2	200	figure-17-the-clearfake-malware-uses-process-injection-techniques.-.jpg media.bridewell.com/web/images/default-source/default-album/	46 KB 46 KB	100ms 99ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-17-the-clearfake-malware-uses-process-injection-techniques.-.jpg?sfvrsn=9480f9c9_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 79f7ef5a2d8257ae31b68a08b23d64451698e250399c27183478700272cac1d9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 6834a05c-d59b-4849-95b0-35f837ed2318 last-modified Fri, 19 Jan 2024 10:49:53 GMT etag 0x8DC18DC5E46628A x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qx1 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 3a389ab4-a01e-0061-55bc-9aba77000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 46689
GET H2	200	figure-18-msbuild.exe-was-used-to-perform-information-stealing-techniques.-.jpg media.bridewell.com/web/images/default-source/default-album/	33 KB 34 KB	105ms 104ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-18-msbuild.exe-was-used-to-perform-information-stealing-techniques.-.jpg?sfvrsn=ed4f4fc0_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash dd13b13deba43e06684902b40d054f43088e4f11c8ac79cacc8eb641d2a67643 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 7af6a674-fd0c-4d5b-aa00-6dd442447150 last-modified Fri, 19 Jan 2024 10:51:50 GMT etag 0x8DC18DCA4379755 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qx3 x-cache TCP_MISS content-type image/jpeg x-ms-request-id dd5683aa-001e-003f-11bc-9a7b59000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 34109
GET H2	200	figure-19-research-conducted-by-bridewell-cti-into-msbuild-command-and-control-techniques-.jpg media.bridewell.com/web/images/default-source/default-album/	69 KB 69 KB	136ms 136ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-19-research-conducted-by-bridewell-cti-into-msbuild-command-and-control-techniques-.jpg?sfvrsn=2b3c58e_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e6a6ce4ed2191536012bcfbb3164a18db8e717b05200e86f573f08dcca50018f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid 0196709d-8669-4f7f-8351-af1602c704ff last-modified Fri, 19 Jan 2024 10:52:30 GMT etag 0x8DC18DCBC198057 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxa x-cache TCP_MISS content-type image/jpeg x-ms-request-id 24f067fe-c01e-005b-79bc-9a9573000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 70193
GET H2	200	figure-20-msbuild.exe-was-used-to-download-and-execute-further-malware.-.jpg media.bridewell.com/web/images/default-source/default-album/	31 KB 32 KB	103ms 103ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-20-msbuild.exe-was-used-to-download-and-execute-further-malware.-.jpg?sfvrsn=e740f0af_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5169dc0a0d4bfdaaac1a9ba610afc974926b5e7f49c43904e254b3a8e5597d25 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid 5dc3ed49-8520-4acc-b7a9-1e331a2c1220 last-modified Fri, 19 Jan 2024 10:53:12 GMT etag 0x8DC18DCD4FDEF36 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxd x-cache TCP_MISS content-type image/jpeg x-ms-request-id 67f5e406-501e-000e-62bc-9a714a000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 31946
GET H2	200	figure-21-further-payloads-attributed-to-amadey-malware.-.jpg media.bridewell.com/web/images/default-source/default-album/	72 KB 72 KB	118ms 118ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-21-further-payloads-attributed-to-amadey-malware.-.jpg?sfvrsn=fcb9e4b9_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 575ea9881d375605563fc2679b11ec34c466817c5cf3cdda8a2782230670a87c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid 83210d0c-1d08-49ec-a2c6-4a40183f94c3 last-modified Fri, 19 Jan 2024 10:53:56 GMT etag 0x8DC18DCEF09F3DA x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxk x-cache TCP_MISS content-type image/jpeg x-ms-request-id 65de266b-001e-002f-10bc-9acb7b000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 73550
GET H2	200	figure-22-the-bridewell-cti-team-conducted-analysis-of-amadey-within-a-sandbox-environment.-.jpg media.bridewell.com/web/images/default-source/default-album/	22 KB 23 KB	91ms 90ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-22-the-bridewell-cti-team-conducted-analysis-of-amadey-within-a-sandbox-environment.-.jpg?sfvrsn=1fa1c9d3_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ac6b71487b56702b09b9274746afde1232d4fca34050f91040ae16cf87c1dc74 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid e0ee052f-8f94-4f76-8d1a-d7af5a858c89 last-modified Fri, 19 Jan 2024 10:54:37 GMT etag 0x8DC18DD07DBA0E9 x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxm x-cache TCP_MISS content-type image/jpeg x-ms-request-id 46ef9800-e01e-000d-4abc-9a0c4c000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 22910
GET H2	200	figure-23-wider-research-reveals-an-amadey-login-panel.-.jpg media.bridewell.com/web/images/default-source/default-album/	19 KB 19 KB	99ms 99ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-23-wider-research-reveals-an-amadey-login-panel.-.jpg?sfvrsn=273d2144_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 16867238149f21e7986899d1b61c22bd56f0222b56c399e5659cda363bfec7b8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid 1022c701-4b7c-4858-9319-add7f0480d51 last-modified Fri, 19 Jan 2024 10:55:12 GMT etag 0x8DC18DD1C74B2D5 x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxn x-cache TCP_MISS content-type image/jpeg x-ms-request-id dea4e983-301e-0018-2abc-9a3b64000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 19365
GET H2	200	figure-24-the-amadey-payload-was-observed-conducting-persistence-techniques.-.jpg media.bridewell.com/web/images/default-source/default-album/	36 KB 37 KB	250ms 249ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-24-the-amadey-payload-was-observed-conducting-persistence-techniques.-.jpg?sfvrsn=7aabe1de_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5a41e9b126cbd08ae887580ea870fdc64e5807136e7bac102af33f90a8a52653 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid d1b77c42-83e5-4bd4-8165-dedec7b0078e last-modified Fri, 19 Jan 2024 10:55:50 GMT etag 0x8DC18DD33454859 x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxr x-cache TCP_MISS content-type image/jpeg x-ms-request-id 24f06815-c01e-005b-09bc-9a9573000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 37139
GET H2	200	figure-25-the-amadey-payload-was-observed-conducting-information-gathering-techniques.-.jpg media.bridewell.com/web/images/default-source/default-album/	36 KB 37 KB	175ms 175ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-25-the-amadey-payload-was-observed-conducting-information-gathering-techniques.-.jpg?sfvrsn=a35b092b_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 42f55251a6171052ff11e92ffa08c292c11a4549c22c1c1c47767fa5f1511c43 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid afd4eefa-70d4-4c2a-9c1c-73a30249fb95 last-modified Fri, 19 Jan 2024 10:57:21 GMT etag 0x8DC18DD695AB6CF x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qxy x-cache TCP_MISS content-type image/jpeg x-ms-request-id 3e498b7e-f01e-0050-10bc-9ab064000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 37109
GET H2	200	figure-26-evidence-of-amadey-malware-executing-cacls-commands.-source-vmray.jpg media.bridewell.com/web/images/default-source/default-album/	30 KB 31 KB	106ms 105ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-26-evidence-of-amadey-malware-executing-cacls-commands.-source-vmray.jpg?sfvrsn=9f46f42b_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 93ffd46b3243d70a3c3a04529f4f843526ad26989e6527b00bac75db7df74786 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid c7d4395d-d77f-4738-b3b9-3c8c323ca304 last-modified Fri, 19 Jan 2024 10:58:05 GMT etag 0x8DC18DD8361B132 x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qy1 x-cache TCP_MISS content-type image/jpeg x-ms-request-id 8c8c5b01-b01e-0054-2abc-9a1c6c000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 30933
GET H2	200	figure-27-cacls-can-be-used-to-prevent-a-user-from-deleting-a-file.-c8dc32d7-aa65-436e-83ff-385550560e33.jpg media.bridewell.com/web/images/default-source/default-album/	65 KB 65 KB	130ms 130ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-27-cacls-can-be-used-to-prevent-a-user-from-deleting-a-file.-c8dc32d7-aa65-436e-83ff-385550560e33.jpg?sfvrsn=ea7032b9_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5f52481e23623e341332e8ab8a98b6446828f8dd86f637e31b752837ccda3a3b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid d9c73165-9837-4fd6-8ef4-0cf805fa4da9 last-modified Fri, 19 Jan 2024 11:00:38 GMT etag 0x8DC18DDDEBAF423 x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qy2 x-cache TCP_MISS content-type image/jpeg x-ms-request-id afb4e1e2-501e-0022-39bc-9a1460000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 66210
GET H2	200	figure-28-research-conducted-by-the-bridewell-cti-team-into-the-usage-of-this-command.-.jpg media.bridewell.com/web/images/default-source/default-album/	19 KB 19 KB	92ms 92ms	Image image/jpeg	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/default-album/figure-28-research-conducted-by-the-bridewell-cti-team-into-the-usage-of-this-command.-.jpg?sfvrsn=95fcfb01_1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash eab78ac7632053218a68eb94168c0ac5f33cb04376040e2c340d43b8d75f4e25 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT x-ms-meta-fileid e2402b0d-ddb8-48df-b458-60d35fc2583a last-modified Fri, 19 Jan 2024 11:03:20 GMT etag 0x8DC18DE3F4264EA x-azure-ref 20240430T050940Z-17859dc676bcxgd98xd7z11vh40000000620000000014qy3 x-cache TCP_MISS content-type image/jpeg x-ms-request-id c13a641d-c01e-004b-35bc-9a2551000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 19234
GET H2	200	bridewell-purple-avatar.png media.bridewell.com/web/images/default-source/logos/	18 KB 18 KB	104ms 104ms	Image image/png	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://media.bridewell.com/web/images/default-source/logos/bridewell-purple-avatar.png?sfvrsn=c5745127_3 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b973e1c06d5090f68f36a1abdcd29afa6903f30b18732b2e11f9b360aa1ad71d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:39 GMT x-ms-meta-fileid 98974557-68d3-4d90-aecc-932eda4b18ee last-modified Thu, 01 Dec 2022 10:09:02 GMT etag 0x8DAD3841298A09B x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qvk x-cache TCP_MISS content-type image/png x-ms-request-id 46ef9755-e01e-000d-2bbc-9a0c4c000000 cache-control public, max-age=7776000 x-ms-version 2009-09-19 x-fd-int-roxy-purgeid 0 accept-ranges bytes content-length 18375
GET H2	200	RSS-feed.svg www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/	1 KB 4 KB	141ms 139ms	Image image/svg+xml	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/RSS-feed.svg Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 614ecdc543dfa46ddeae531e5dbb8545f09e3cc7516158ef2f486c4473e6d363 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 1042 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "1d3e6f26f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qve content-type image/svg+xml access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	language-selector.min.js Show response www.bridewell.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/	151 B 3 KB	142ms 138ms	Script application/x-javascript	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/language-selector.min.js?package=BridewellConsulting&v=MTQuMi43OTMxLjA%3d Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 920ce4e4c6bc8c57a204ad799b125e18ddf7d1e613a23a48374a75f8dbab50c6 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-cache CONFIG_NOCACHE content-length 253 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qva access-control-expose-headers Request-Context cache-control public, max-age=86400 accept-ranges bytes expires Tue, 07 May 2024 05:09:39 GMT
GET H2	200	main.js Show response www.bridewell.com/ResourcePackages/BridewellConsulting/assets/bundles/	232 KB 94 KB	124ms 120ms	Script text/javascript	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/bundles/main.js?v=d21DApibtOy61Rtct01PKowFZ30Mh5CWDMr6sU2prow1 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash eaacb2e48d527ba80ec2adb2ceaa8e9dd5e40c6ed499fce0c688792ea4fe5ff2 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-cache CONFIG_NOCACHE x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Tue, 30 Apr 2024 05:09:39 GMT vary User-Agent,Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qvb access-control-expose-headers Request-Context cache-control public, max-age=31536000 expires Wed, 30 Apr 2025 05:09:39 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	232 KB 82 KB	83ms 34ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TGJCR96 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8fe75e6572538edd92d146162af640d648df7742fc375eea51c569b9eb62dbe9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83967 x-xss-protection 0 last-modified Tue, 30 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 30 Apr 2024 05:09:39 GMT
GET H2	200	inter-v11-latin-100.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	16 KB 19 KB	68ms 66ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-100.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cdb79ee95fafc32a1f0ea6ee4907a1770326a7b80b27dc2571b0fa774986532a Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 16440 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT etag "ba653826f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014quz content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-200.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	146ms 144ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-200.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a4f6878fbed351f17e9262abdcc01a6044ddab3ef95e343985cac90aabc8de4 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17264 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT etag "ba653826f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv0 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-300.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	159ms 158ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-300.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8f400eb2f6fa018e0fb23c7e5f41d300fc9fc90aafeedc447a90aedabfd2162a Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17184 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT etag "4bc83a26f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv1 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-500.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	130ms 128ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-500.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17448 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT etag "ba653826f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv2 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-600.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	142ms 140ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-600.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17564 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "74657626f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv3 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-700.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	163ms 162ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-700.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3ced3f556e65561203347082cd3c41f2dda3ac93e2b449d553a1dbfb9b73a1e9 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17592 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "8ea07126f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv4 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-800.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	177ms 176ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-800.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5eea1309ec0085dbc25b1bb20f3338bb8d6b2ead8782395cba21dc22b7f6b06b Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17640 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:18 GMT etag "ba653826f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv5 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-900.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	17 KB 20 KB	167ms 166ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-900.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a467db7b0fbf1650536a25922b26517355db4c69f540367907effef11fe0b564 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 17052 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "8ea07126f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv6 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	inter-v11-latin-regular.woff2 www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/	16 KB 19 KB	175ms 175ms	Font application/font-woff2	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/fonts/inter-v11-latin-regular.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 16608 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "8ea07126f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050939Z-17859dc676bcxgd98xd7z11vh40000000620000000014qv7 content-type application/font-woff2 access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	112ms 32ms	Script application/javascript	2a02:26f0:280:6::213:7ad8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:280:6::213:7ad8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9941d2ff1cc99d68acf87db2bf00d461644f6a6f222af62c2fba71be5a97b447 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 29 Apr 2024 18:02:39 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=46458 accept-ranges bytes content-length 17091
GET H2	200	hotjar-3339532.js Show response static.hotjar.com/c/	10 KB 5 KB	116ms 49ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3339532.js?sv=6 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash 846c730da8a7b9a6f097bafdf93e5bdfeaeabc5794ae7e00eea588d2f573e92d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 30 Apr 2024 05:09:39 GMT via 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/f3b2edbcb7e99eff5ac498c66a7935f4 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id Oq63eqe-gdoKgCByvT735f5Zn8O3kNoSmxGgHwpN8Vu0uA_R3ggoRA==
POST H2	200	/ Show response process.iconnode.com/google-ads/	0 162 B	727ms 114ms	XHR text/html	13.248.238.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://process.iconnode.com/google-ads/ Requested by Host: scripts.iconnode.com URL: https://scripts.iconnode.com/118800.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.238.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a171616d2c13795e3.awsglobalaccelerator.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://www.bridewell.com date Tue, 30 Apr 2024 05:09:40 GMT access-control-allow-credentials true server Apache content-length 0 access-control-max-age 86400 content-type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d87bf30b1fdd532f3c34b600f9ee5fe61ffbaf83198d0e74a6c4e4d2a25743d7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7c4a252931f7976d0d0526f452b4790f5e52b137706a3cf7e81d114c10c291df Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	208 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 79c37dbe87ca5459f4ae9e629bd9c9bd97c6f8cf033ac6ddda21758a41cef4ef Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 583e3ab276cb2a014e5b862a9f57767b9bb06e8800c8a8d4ae8451961330d87d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	749 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 51ea4d0d24254e78235b9efa33789dd78b2eba806130b7be3bd1b9c9accd42ac Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	309 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 067c904a239361cdead0503fb030ece6798593c81830c2b6f57af30b44b81b78 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	264 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de2bb6a9bb27391acebd03fdf3a5d2e29881f308892617f66b6886388411be16 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	274 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ff50bdee5c24916cb6e8da88324ce9c0bd81a7c27daeec994fd0b486f902186 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	405 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 58ac51e1059176d77e9526469243825b5d18f4c5a5e86c54c85c9a1fd09bbaf7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	392 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dbb1c60a5d07b8438c44d7e209af6616d76dae5c9d8f55183a91413d85993000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	109 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 68ff03047882ec4c5eb42c9b313461970a6922619e353c7321e12438a674003f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	112 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 655c5e0b33247ff75c376854c4c489b30a5485e01cca4b1c91b30ab152c2e03a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	444 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6afea9ec1e8d4449a57cb7264623d451b829aa9439b07c66e05b00604453a5ce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	362 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4748da12ff102a5d1c0bbad7f1de04e21b3dc1ff4a7f240f69b4b39a40c9f306 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	395 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24f744cc82e59a41125a1baa1afe12022e7a7bf3fd3b672bebf3dc6fcf93d8a7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	277 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 64bdca032e6e9867959845ea6cdcb783b168f303c8d1b6771e1d7a65154738af Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	268 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d3ac82598c20ae4c2b501a03dbde5cac5e8b00bf12845dd18fd67830ebb80673 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	1017 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56c5291680452b688b55f3a19de42618b5f1369b84c631917cb3fb0601a0e255 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET		collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4499777%26time%3D1714453779689%26url%3Dhttps%253A%252F%252Fwww.bridewell.com%252F... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true&liSync=true&e_ip...	0 0
GET H2	200	modules.ea82878fb17f83fbe8a6.js Show response script.hotjar.com/	221 KB 55 KB	460ms 20ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.ea82878fb17f83fbe8a6.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3339532.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash 009c688b6b2b336eeffafab5ea0ae57b757e4d85c84d736d365f1ef76611d5cc Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 16:18:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 46294 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55730 last-modified Mon, 29 Apr 2024 16:17:48 GMT etag "3609047e81f8808d481c085e4a20567a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 3AfI_V9122CKwAtgZN1e3cVXVG2UpoXAbUFgRFOvwoWYDWK41SOpnQ==
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 624 B	616ms 231ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: A574EDA3D48E465588FE26ABE301CE3A Ref B: DUS30EDGE0411 Ref C: 2024-04-30T05:09:40Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.bridewell.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYXSWCOVMfKPnBm24Q3Dw==
GET H2	200	otSDKStub.js Show response cdn-ukwest.onetrust.com/scripttemplates/	21 KB 7 KB	399ms 42ms	Script application/javascript	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJCR96 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT content-md5 zgTRIDojRJmnmBTwUyI2Vw== age 52122 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Tue, 23 Apr 2024 19:31:06 GMT server cloudflare etag 0x8DC63CBEB86381B vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5dc48d0f-001e-0005-1b55-968528000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c5055e1c941a47-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET DATA	200 OK	truncated /	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 06d09dd7efb567df0e82d693b41fdb2a8bd2808a47daf7e89022a3124b03c160 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d3abd86b5074abde331a036b4727c5cd0a8a8bc8e7d0cf6965339df67700f880 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	500 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f7a1d722513c23c0602f848ebd278da0b40d60ac723a76b7e9e827bf57d4244 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	347 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ce28e45e9cb78aef7e6b407eeeda92ac515a85c0b41a26fe5ae42742ee21da51 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
POST H2	200	/ Show response process.iconnode.com/keyword/	38 B 214 B	433ms 124ms	XHR text/html	13.248.238.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://process.iconnode.com/keyword/ Requested by Host: scripts.iconnode.com URL: https://scripts.iconnode.com/118800.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.238.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a171616d2c13795e3.awsglobalaccelerator.com Software Apache / Resource Hash af372098e3bd4b61584dfe3745317e0c3e07d5148857054c5c0cdf44c2276f21 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://www.bridewell.com date Tue, 30 Apr 2024 05:09:40 GMT access-control-allow-credentials true server Apache access-control-max-age 86400 content-type text/html; charset=UTF-8
GET H2	200	preact-incoming-feedback.4c197def75fc1e417c58.js Show response script.hotjar.com/	192 KB 44 KB	20ms 20ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/preact-incoming-feedback.4c197def75fc1e417c58.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.ea82878fb17f83fbe8a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash e80e1ac6e2085de0a8770339113ab9b194d6ccade4db2cf92b8b1b1839e9d663 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 13:00:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 403773 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 44076 last-modified Thu, 25 Apr 2024 12:59:19 GMT etag "0b233e871d015c2450928b24ed70d5be" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id ltcYZcBUEaQP_ZyJqUwovVRyEVQkeq2stc1FM3AAMAV2bMl2E8FsFA==
GET H2	200	6063a7ee-540f-4476-8468-573942328ed7.json Show response cdn-ukwest.onetrust.com/consent/6063a7ee-540f-4476-8468-573942328ed7/	3 KB 2 KB	91ms 50ms	XHR application/x-javascript	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/consent/6063a7ee-540f-4476-8468-573942328ed7/6063a7ee-540f-4476-8468-573942328ed7.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc01b74050173f5b4a96ba1d8f0918b85c3ddfcc3199842052b9e439d03bef80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 44031 content-md5 YgtfVExeHftcV/mG+shxJw== content-length 1404 x-ms-lease-status unlocked last-modified Thu, 29 Sep 2022 17:32:37 GMT server cloudflare etag 0x8DAA2409A52D337 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c4ab6f73-d01e-0024-53d4-7abdd5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c5055f19141cc7-FRA
GET H3	200	bundle.js Show response cdn.popupsmart.com/	85 KB 31 KB	76ms 33ms	Script application/javascript	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.popupsmart.com/bundle.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJCR96 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c40f716080aae157b1d5cc860f7b59527c4398aa9d81022f9e75859ad6efa43b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DZ1KCGBKDBQ1QNEE age 6835 cf-polished origSize=86689 x-amz-server-side-encryption AES256 content-encoding br alt-svc h3=":443"; ma=86400 x-amz-id-2 qwQsgWFXLHBhY8cLjLJOiI6Rkl3v2qCiR+hE3mhNVbTRv2ZqXs6VnvXeLYBYgjvZXLNvYHeCXhw= referrer-policy no-referrer-when-downgrade cf-bgj minify last-modified Fri, 26 Apr 2024 09:50:45 GMT server cloudflare etag W/"47c29a3a11da64b393148e26a2dbe2b3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLIvoLYcu3J4J7HLIlDff8q8V%2F6pnoQsJXdjH0ALXVeu9dZnBSeZjDef3zteoUd700MzqlzERlQ2jkN6%2B41F4%2BeRHcFA1olfqgn%2Fl8dnkqzlVxGsXLJ7DZ1Vtly9W249AHFd%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript permissions-policy microphone=() cf-ray 87c5055f1a8603dc-FRA
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	56ms 18ms	Font font/woff2	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/ Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 10 Sep 2023 20:18:44 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 20076656 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Fri, 08 Sep 2023 09:39:02 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id yv4I9DMvsCcrwMr7Z1lH3S-gD4kpr8N6iajEZbznsUU2lI74fJNDCg==
GET H2	200	otBannerSdk.js Show response cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/	376 KB 90 KB	40ms 38ms	Script application/javascript	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT content-md5 229oLfugqvtMNLM3e0uPaA== age 52046 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 91423 x-ms-lease-status unlocked last-modified Tue, 13 Sep 2022 20:31:59 GMT server cloudflare etag 0x8DA95C70229E004 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id c6edcacf-e01e-0068-47d4-7a7aca000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c5055f6e4e1a47-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H3	200	loader.json Show response cdn.popupsmart.com/accounts/39196/	4 KB 2 KB	163ms 141ms	Fetch application/json	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.popupsmart.com/accounts/39196/loader.json Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cc58b5e2dc1ee7b4150b08bd2f96281dcdf90ee4280cb8ef23974bdcbf78362 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id VCPRSP63SJ3WZJEM x-amz-server-side-encryption AES256 content-encoding br alt-svc h3=":443"; ma=86400 x-amz-id-2 xVUoJBZSsP46XJ6nVXkf9rqI90iEgqxYzVfpKkwBrXB8KG917+h+5bAgV5QxiT3tCKnufjImAKo= referrer-policy no-referrer-when-downgrade last-modified Mon, 22 Apr 2024 09:05:47 GMT server cloudflare etag W/"3c23e101f03b3c71e3c5edb2cd2c58b1" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/json location eyJpcCI6IjIxNy4xMTQuMjE4LjIyIiwiY291bnRyeUNvZGUiOiJERSIsImNvdW50cnkiOiJHZXJtYW55IiwibGF0aXR1ZGUiOiI1MS4yOTkzMCIsImxvbmdpdHVkZSI6IjkuNDkxMDAiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhc09yZ2FuaXphdGlvbiI6IktleXdlYiJ9 access-control-allow-origin * access-control-expose-headers x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, cf, clientIP, location access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPZOOFv2hMBsTdjPtWGmPed8c2riDwHxUlWgI4r4ae12sH0G5EXEsADsM%2Bsex9J32FIwOgraTGGEW%2Fzypg%2FE9Xmo678UsaFm%2BMG%2FVAfoH%2BMLvVnW%2F35MigfiYsQUnHFzCM7yjQ%3D%3D"}],"group":"cf-nel","max_age":604800} permissions-policy microphone=() cf-ray 87c5055fad44916a-FRA
GET H2	200	en.json Show response cdn-ukwest.onetrust.com/consent/6063a7ee-540f-4476-8468-573942328ed7/b1be18c9-5ec2-4bf1-bba2-254c18230461/	37 KB 11 KB	58ms 57ms	Fetch application/x-javascript	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/consent/6063a7ee-540f-4476-8468-573942328ed7/b1be18c9-5ec2-4bf1-bba2-254c18230461/en.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 816ea338491b0649413b5dd07dbfa182ec74a0a133968cc214de0cba71ff8512 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 44031 content-md5 BZAWIAszHqPuPzoH8n0FqA== content-length 11026 x-ms-lease-status unlocked last-modified Thu, 29 Sep 2022 17:32:39 GMT server cloudflare etag 0x8DAA2409B8DD08D vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 06c600dd-601e-003d-05d4-7a91bd000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c5055fda0e1cc7-FRA
GET H2	200	otCenterRounded.json Show response cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/	9 KB 3 KB	46ms 45ms	Fetch application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCenterRounded.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT content-md5 Nv59uF4L5Erbm99maFPLHA== age 44031 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2612 x-ms-lease-status unlocked last-modified Tue, 13 Sep 2022 20:31:47 GMT server cloudflare etag 0x8DA95C6FAEC1377 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 503d6d04-101e-001b-1fd4-7a0a09000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c505605a6f1cc7-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H2	200	otPcPanel.json Show response cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/	65 KB 13 KB	48ms 47ms	Fetch application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/v2/otPcPanel.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec06ec9be2609c147fe6c711b442385ec1bb33d8a71e3f2efd7df0d24e15d7c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT content-encoding gzip cf-cache-status HIT content-md5 sgw+xRyHI9rMO41DcI/iMg== age 44031 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 13380 x-ms-lease-status unlocked last-modified Tue, 13 Sep 2022 20:31:49 GMT server cloudflare etag 0x8DA95C6FC0A6403 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id d1ef768d-301e-006a-48d4-7a7830000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c505605a701cc7-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H2	200	otCommonStyles.css Show response cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/	22 KB 5 KB	44ms 44ms	Fetch text/css	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/assets/otCommonStyles.css Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/202209.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT content-md5 B55i3ZY9miZIaUrwjufy0w== age 44031 x-ms-lease-status unlocked last-modified Tue, 13 Sep 2022 20:32:07 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 4f33d912-e01e-0041-40d4-7a0c88000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 87c505605a721cc7-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H3	200	main.js Show response cdn.popupsmart.com/accounts/39196/197829/4/	671 KB 189 KB	132ms 131ms	Script application/javascript	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.popupsmart.com/accounts/39196/197829/4/main.js Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 485ada553c8314d1decc213724fadcee2ee0c3212cd25c12f3d6de75e58398dd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Origin https://www.bridewell.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DD7W055KBAABRDG9 cf-polished origSize=686754 x-amz-server-side-encryption AES256 content-encoding br alt-svc h3=":443"; ma=86400 x-amz-id-2 CKw4dIQEx6Jha36oTg1GRoqR3uKgNYe7Dhs3qQ0+6ggDQYrs3pHBjUtJcVDXbpQpqGRhwNYLEXg= referrer-policy no-referrer-when-downgrade last-modified Mon, 22 Apr 2024 09:05:46 GMT cf-bgj minify server cloudflare etag W/"1055c04a25711c761c807a1dbda018a0" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 location eyJpcCI6IjIxNy4xMTQuMjE4LjIyIiwiY291bnRyeUNvZGUiOiJERSIsImNvdW50cnkiOiJHZXJtYW55IiwibGF0aXR1ZGUiOiI1MS4yOTkzMCIsImxvbmdpdHVkZSI6IjkuNDkxMDAiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhc09yZ2FuaXphdGlvbiI6IktleXdlYiJ9 access-control-allow-origin * access-control-expose-headers x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, cf, clientIP, location cache-control no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PuynEQrngZ6uTSzxneg%2B1OK5wOf1C8y%2FqB1b%2FvxoAU8b2YToW3K1bCbWFfsO8H1pakujMyfOgHKM0iQ4C%2BCcnr5HG8wV5By8uftvTQk4cFRpQQ7Tsl72eyK3J2u%2Fv5IlJe39Vw%3D%3D"}],"group":"cf-nel","max_age":604800} permissions-policy microphone=() access-control-max-age 3000 cf-ray 87c505609e4e916a-FRA
POST H2	200	/ Show response handler-api.popupsmart.com/	25 B 212 B	71ms 71ms	Fetch application/json	34.241.81.190 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handler-api.popupsmart.com/ Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.241.81.190 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-81-190.eu-west-1.compute.amazonaws.com Software / Resource Hash 0e03f97ae4697775c8757637d0f2cd95f1aae5bcbe3e97abffc258e5beef50b9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Tue, 30 Apr 2024 05:09:40 GMT access-control-allow-headers Content-Type content-length 25 apigw-requestid XBh7ShPqDoEEP5Q= access-control-allow-methods POST, OPTIONS content-type application/json
OPTIONS H2	204	/ handler-api.popupsmart.com/	0 0	198ms 78ms	Preflight	34.241.81.190 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handler-api.popupsmart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.241.81.190 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-81-190.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.bridewell.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST, OPTIONS access-control-allow-origin * apigw-requestid XBh7Sj4ZjoEEPeg= date Tue, 30 Apr 2024 05:09:40 GMT
GET H2	200	Bridewell_logo_new_deep_purple_and_cyan.png cdn-ukwest.onetrust.com/logos/6b2fc1a7-29c8-40b5-a234-11bdecf4399d/1814e5ec-16dc-4085-86b0-0f89dbdfd9fe/3d5e11fe-b614-48b9-8005-a22dae211b36/	74 KB 74 KB	43ms 42ms	Image image/png	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-ukwest.onetrust.com/logos/6b2fc1a7-29c8-40b5-a234-11bdecf4399d/1814e5ec-16dc-4085-86b0-0f89dbdfd9fe/3d5e11fe-b614-48b9-8005-a22dae211b36/Bridewell_logo_new_deep_purple_and_cyan.png Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9302bd497e473e93adfe0e212362103dafba43917b2fab160c8dacff34c69be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT content-md5 Xa1qDwBLBcVhTaEmFfN65Q== age 44660 content-length 75777 x-ms-lease-status unlocked last-modified Wed, 29 Jun 2022 08:30:03 GMT server cloudflare etag 0x8DA59A990B71690 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 930b63b4-c01e-0035-4fb4-7d3be7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 87c505611fe01a47-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H2	200	poweredBy_ot_logo.svg cdn-ukwest.onetrust.com/logos/static/	3 KB 2 KB	41ms 40ms	Image image/svg+xml	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-ukwest.onetrust.com/logos/static/poweredBy_ot_logo.svg Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT content-md5 LpuayL42jB78xRllx0vkOw== age 52109 x-ms-lease-status unlocked last-modified Tue, 23 Apr 2024 19:31:10 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 6718918a-001e-003a-27d7-954d8b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 87c505611fe31a47-FRA expires Wed, 01 May 2024 05:09:40 GMT
GET H3	200	main.css cdn.popupsmart.com/accounts/39196/197829/4/	64 KB 10 KB	181ms 181ms	Stylesheet text/css	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.popupsmart.com/accounts/39196/197829/4/main.css Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20826a15f6acebb7c1ef9ad830bfb50cee19954cded3248b7fbbd91b4de0ecec Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DYAZGYJWHACMF80G cf-polished origSize=65875 x-amz-server-side-encryption AES256 content-encoding br alt-svc h3=":443"; ma=86400 x-amz-id-2 SBJtcsIigHzTZAk1UsBLEe6zH0hU+OQmSNumi/+L1ZYZekzMsvZwXTxnYRRmOIdwW5KExFWjM9U= referrer-policy no-referrer-when-downgrade last-modified Mon, 22 Apr 2024 09:05:46 GMT cf-bgj minify server cloudflare etag W/"719bbaf648743b251c6d7f5525ed668c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arl2dJarJQ30JExHklkTDLPpq0yIbuy3nJMbHDxnJ5pbqtKYj6hCEy8anE0qR6iW9Jsjff%2BSo73UPMGO2mzxNUsq7JvM3y8pevzF5cBiFhwzA2vAgqEC5TT8JBp%2Fa55m2JEK6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 location eyJpcCI6IjIxNy4xMTQuMjE4LjIyIiwiY291bnRyeUNvZGUiOiJERSIsImNvdW50cnkiOiJHZXJtYW55IiwibGF0aXR1ZGUiOiI1MS4yOTkzMCIsImxvbmdpdHVkZSI6IjkuNDkxMDAiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhc09yZ2FuaXphdGlvbiI6IktleXdlYiJ9 access-control-allow-origin * cache-control no-cache permissions-policy microphone=() cf-ray 87c505622cf003dc-FRA
GET H3	200	e9607a29fcf7e8470281014c11f717c2.jpeg cdn.popupsmart.com/uploaded/	171 KB 172 KB	119ms 118ms	Image image/webp	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.popupsmart.com/uploaded/e9607a29fcf7e8470281014c11f717c2.jpeg Requested by Host: www.bridewell.com URL: https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f20eec24153276f27225ebf9d224c8b33d7ebf931370ba5cf506a563c01825b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Y4P7TY1V4MJCPTYF cf-polished qual=85, origFmt=jpeg, origSize=1000392 x-amz-server-side-encryption AES256 content-disposition inline; filename="e9607a29fcf7e8470281014c11f717c2.webp" alt-svc h3=":443"; ma=86400 content-length 174882 x-amz-id-2 DX21H0QAFJficzrhayygE5ICGK6dQqlKG0WV9egY5pluwbb78cWuSsfXPpOvlZWY3Wfdiiz4XhQ= referrer-policy no-referrer-when-downgrade cf-bgj imgq:85,h2pri last-modified Wed, 17 Apr 2024 09:05:58 GMT server cloudflare etag "7a06ec3cbd1b607e32d203310691f727" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxLVg39QXUMCs2%2B44JzT1n7FKA2sw%2FFMYDfFelC%2BlczN05sNqla1dBF1TRBJM600aXe5kqavLAWPW5ZMgBjoW9tyIiwWlvvIho4WPlCSKXTU6rk7Fedkeg%2Fk7IF%2Bbf8B80a45Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=1440 permissions-policy microphone=() accept-ranges bytes cf-ray 87c505623d0103dc-FRA
GET H3	200	main.js Show response cdn.popupsmart.com/accounts/39196/197829/4/	671 KB 1 KB	76ms 76ms	Fetch application/javascript	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.popupsmart.com/accounts/39196/197829/4/main.js Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 485ada553c8314d1decc213724fadcee2ee0c3212cd25c12f3d6de75e58398dd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DD7W055KBAABRDG9 cf-polished origSize=686754 x-amz-server-side-encryption AES256 content-encoding br alt-svc h3=":443"; ma=86400 x-amz-id-2 CKw4dIQEx6Jha36oTg1GRoqR3uKgNYe7Dhs3qQ0+6ggDQYrs3pHBjUtJcVDXbpQpqGRhwNYLEXg= referrer-policy no-referrer-when-downgrade last-modified Mon, 22 Apr 2024 09:05:46 GMT cf-bgj minify server cloudflare etag W/"1055c04a25711c761c807a1dbda018a0" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQ6CBgFXSXepFG1SPER6qImb5WX3OJh4LDwZexrP4sjMTT3raqPv4kjl2tBBc0fO5xrQfakX7lAav%2FaF9z2nvz6d3uhYkGQthxkCRUrLNaTbN9YtCbRNpPMI%2BC3nqiMsz1Xh%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} location eyJpcCI6IjIxNy4xMTQuMjE4LjIyIiwiY291bnRyeUNvZGUiOiJERSIsImNvdW50cnkiOiJHZXJtYW55IiwibGF0aXR1ZGUiOiI1MS4yOTkzMCIsImxvbmdpdHVkZSI6IjkuNDkxMDAiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhc09yZ2FuaXphdGlvbiI6IktleXdlYiJ9 access-control-allow-origin * access-control-expose-headers x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, cf, clientIP, location cache-control no-cache permissions-policy microphone=() access-control-max-age 3000 content-type application/javascript; charset=utf-8 cf-ray 87c5056358ed916a-FRA
GET H2	200	favicon.png www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/	1 KB 4 KB	42ms 41ms	Other image/png	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 63437b330c7be63ed980334bd41d9246ab3f5f0cc284dfe3d302ab3e5b3b79a9 Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 1024 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "1d3e6f26f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050941Z-17859dc676bcxgd98xd7z11vh40000000620000000014r22 content-type image/png access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	favicon.svg www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/	1 KB 4 KB	40ms 39ms	Other image/svg+xml	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bridewell.com/ResourcePackages/BridewellConsulting/assets/dist/img/favicon.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7c12dbf40ee330b061a63f0a3ff450f65df624ae8d7e987cbcbcf77bb7f30edf Security Headers Name Value Content-Security-Policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' *.appius.co.uk *.google.com *.bridewell.com *.insights.bridewell.com *.iconnode.com popupsmart.com forms.office.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com *.onetrust.com *.bridewellconsulting.com *.livechatinc.com snap.licdn.com https://*.googletagmanager.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com/ popupsmart.com insights.bridewell.com https://pi.pardot.com *.iconnode.com forms.office.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.office.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com https://www.googletagmanager.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: secure.livechatinc.com cdn.livechatinc.com https://*.hotjar.com https://*.canva.com popupsmart.com cdn.popupsmart.com; img-src 'self' *.gstatic.com *.googleapis.com https://*.popupsmart.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com *.onetrust.com px.ads.linkedin.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://cdn.livechatinc.com https://*.hotjar.com https://*.canva.com cdn.popupsmart.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com *.blob.core.windows.net *.bridewell.com cdn.popupsmart.com popupsmart.com; frame-ancestors 'self' https://bridewellconsulting.sharepoint.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.frontify.com cloudinary.com *.cloudinary.com *.appius.co.uk *.google.com *.bridewell.com *.bridewellconsulting.com secure.livechatinc.com/ https://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com; connect-src 'self' data: accounts.google.com stats.g.doubleclick.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.analytics.google.com *.gstatic.com *.frontify.com *.cloudinary.com *.onetrust.com *.bridewellconsulting.com cdn.linkedin.oribi.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://www.facebook.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.canva.com cdn.popupsmart.com popupsmart.com *.iconnode.com https://px.ads.linkedin.com https://*.popupsmart.com; x-permitted-cross-domain-policies none x-cache CONFIG_NOCACHE content-length 1134 x-xss-protection 1; mode=block request-context appId=cid-v1:35f9c660-8cdd-4673-a103-1ce2f09d11cf referrer-policy no-referrer-when-downgrade last-modified Mon, 15 Apr 2024 08:30:19 GMT etag "1d3e6f26f8fda1:0" x-frame-options SAMEORIGIN x-azure-ref 20240430T050941Z-17859dc676bcxgd98xd7z11vh40000000620000000014r24 content-type image/svg+xml access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes
GET H2	200	css2 fonts.googleapis.com/	2 KB 851 B	74ms 27ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Requested by Host: cdn.popupsmart.com URL: https://cdn.popupsmart.com/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51f5b1e8bf23c87b2ab7d5a8de0205944338068a34b06c1c74a79930e26f18a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 30 Apr 2024 05:09:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 30 Apr 2024 04:58:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Apr 2024 05:09:41 GMT
GET H3	200	empty.png cdn.popupsmart.com/assets/	2 KB 2 KB	29ms 29ms	Image image/webp	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.popupsmart.com/assets/empty.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2aadda1266eded7b20436d2ba9b192887e9c1415fdd034ec20599b46da813076 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CRFF4EM0GCA3WYJN age 659 cf-polished origFmt=png, origSize=15403 x-amz-server-side-encryption AES256 content-disposition inline; filename="empty.webp" alt-svc h3=":443"; ma=86400 content-length 1644 x-amz-id-2 xCQFUj8eFOLfpZNxK7UzQoFHLXAmgXknrn4u4imOHexrK+Xeyxj8/oBIQBLBbfRskNBvdKqVNUU= referrer-policy no-referrer-when-downgrade cf-bgj imgq:85,h2pri last-modified Tue, 07 Mar 2023 12:19:13 GMT server cloudflare etag "afc5d29582999d9f70ec68780e7f4204" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZGuevguCOsOcF25vhCvJNg%2Bb%2BS0NkceD3x4JGCWiV8ki4CLsNEjNr42enDujPck6ipL%2B6mWzwoSHY8ZF3XamcOpS4tR%2B%2BBGknFKCF0lqpqHYff%2BywmoMeID8nAp5Xj8HY36YQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp permissions-policy microphone=() accept-ranges bytes cf-ray 87c50563ee6503dc-FRA
GET H2	403	cyber-security-in-critical-national-infrastructure-organisations-2024 www.bridewell.com/insights/white-papers/detail/	27 B 27 B	26ms 25ms	Image text/html	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bridewell.com/insights/white-papers/detail/cyber-security-in-critical-national-infrastructure-organisations-2024?utm_source=referral&utm_medium=popup&utm_term=cni-research-2024-popup&utm_content=cni-research-2024&utm_campaign=cni-research-2024%22,%22pageName%22:%22%22,%22countAsInteraction%22:true,%22target%22:%22current-tab%22},%22style%22:{%22marginLeft%22:%220px%22,%22marginRight%22:%220px%22,%22marginTop%22:%228.33px%22,%22marginBottom%22:%228.33px%22,%22width%22:%22100%%22,%22height%22:%22fit-content%22},%22id%22:%22button-1a3tbrvwmb4w%22,%22className%22:%22button-p_1a3tbrvwmb4w%22},%22childNodes%22:[%22%3Cp%20style=\\%22text-align:%20center;\\%22%3EDOWNLOAD%20THE%20RESEARCH%20REPORT%3C/p%3E%22]}]}],%22id%22:%22cqr2mb0l6s80%22},{%22nodeName%22:%22close-button%22,%22attributes%22:{%22style%22:{%22display%22:%22flex%22,%22justifyContent%22:%22center%22,%22alignItems%22:%22center%22,%22position%22:%22absolute%22,%22zIndex%22:%221%22,%22top%22:%220px%22,%22right%22:%220px%22,%22paddingTop%22:%228.33px%22,%22paddingBottom%22:%228.33px%22,%22paddingLeft%22:%228.33px%22,%22paddingRight%22:%228.33px%22,%22marginTop%22:%228.33px%22,%22marginRight%22:%228.33px%22,%22width%22:%2210px%22,%22borderTopLeftRadius%22:%2241.62px%22,%22borderTopRightRadius%22:%2241.62px%22,%22borderBottomLeftRadius%22:%2241.62px%22,%22borderBottomRightRadius%22:%2241.62px%22,%22strokeWidth%22:%221.67px%22,%22transform%22:%22none%22},%22id%22:%22close-button-cqr2mb0l0rk0%22,%22className%22:%22close-button-p_cqr2mb0l0rk0%22},%22childNodes%22:[],%22id%22:%22cqr2mb0l0rk0%22}]},%22desktop%22:{%22id%22:%22canvas%22,%22nodeName%22:%22block%22,%22attributes%22:{%22style%22:{%22display%22:%22grid%22,%22position%22:%22relative%22,%22gridTemplateColumns%22:%22100%%22,%22paddingTop%22:%220px%22,%22paddingBottom%22:%220px%22,%22paddingLeft%22:%220px%22,%22paddingRight%22:%220px%22,%22marginTop%22:%22auto%22,%22marginBottom%22:%2216.64px%22,%22marginLeft%22:%22auto%22,%22marginRight%22:%2216.64px%22,%22maxWidth%22:%22399.46px%22,%22width%22:%22100%%22,%22overflow%22:%22hidden%22,%22height%22:%22auto%22,%22verticalAlign%22:%22middle%22,%22justifyContent%22:%22flex-end%22,%22alignItems%22:%22end%22,%22objectPosition%22:%22bottom%20right%22}},%22childNodes%22:[{%22nodeName%22:%22block%22,%22attributes%22:{%22style%22:{%22position%22:%22relative%22,%22display%22:%22grid%22,%22gridTemplateColumns%22:%22100%%22,%22paddingTop%22:%220px%22,%22paddingBottom%22:%220px%22,%22paddingLeft%22:%220px%22,%22paddingRight%22:%220px%22,%22width%22:%22100%%22,%22height%22:%22100%%22,%22maxWidth%22:%22100%%22,%22overflow%22:%22visible%22,%22marginBottom%22:%220px%22},%22id%22:%22block-cqr2mb0koh40%22,%22className%22:%22block-p_cqr2mb0koh40%22},%22childNodes%22:[{%22id%22:%22cqr2mb0kcm80%22,%22nodeName%22:%22image%22,%22childNodes%22:[],%22attributes%22:{%22src%22:%22https://cdn.popupsmart.com/uploaded/e9607a29fcf7e8470281014c11f717c2.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a0da40bbc41e8d619e241b8ab81ec364e0c5a84d868552c5683250072adf0664 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT content-length 27 x-azure-ref 20240430T050941Z-17859dc676bcxgd98xd7z11vh40000000620000000014r2b x-cache CONFIG_NOCACHE content-type text/html
GET H2	403	cyber-security-in-critical-national-infrastructure-organisations-2024 www.bridewell.com/insights/white-papers/detail/	27 B 27 B	119ms 24ms	Image text/html	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bridewell.com/insights/white-papers/detail/cyber-security-in-critical-national-infrastructure-organisations-2024?utm_source=referral&utm_medium=popup&utm_term=cni-research-2024-popup&utm_content=cni-research-2024&utm_campaign=cni-research-2024%22,%22pageName%22:%22%22,%22countAsInteraction%22:true,%22target%22:%22current-tab%22},%22style%22:{%22marginLeft%22:%220px%22,%22marginRight%22:%220px%22,%22marginTop%22:%228.33px%22,%22marginBottom%22:%228.33px%22,%22width%22:%22100%%22,%22height%22:%22fit-content%22},%22id%22:%22button-1a3tbrvwmb4w%22,%22className%22:%22button-p_1a3tbrvwmb4w%22},%22childNodes%22:[%22%3Cp%20style=\\%22text-align:%20center;\\%22%3EDOWNLOAD%20THE%20RESEARCH%20REPORT%3C/p%3E%22]}]}],%22id%22:%22cqr2mb0l6s80%22},{%22nodeName%22:%22close-button%22,%22attributes%22:{%22style%22:{%22display%22:%22flex%22,%22justifyContent%22:%22center%22,%22alignItems%22:%22center%22,%22position%22:%22absolute%22,%22zIndex%22:%221%22,%22top%22:%220px%22,%22right%22:%220px%22,%22paddingTop%22:%228.33px%22,%22paddingBottom%22:%228.33px%22,%22paddingLeft%22:%228.33px%22,%22paddingRight%22:%228.33px%22,%22marginTop%22:%228.33px%22,%22marginRight%22:%228.33px%22,%22width%22:%2210px%22,%22borderTopLeftRadius%22:%2241.62px%22,%22borderTopRightRadius%22:%2241.62px%22,%22borderBottomLeftRadius%22:%2241.62px%22,%22borderBottomRightRadius%22:%2241.62px%22,%22strokeWidth%22:%221.67px%22,%22transform%22:%22none%22},%22id%22:%22close-button-cqr2mb0l0rk0%22,%22className%22:%22close-button-p_cqr2mb0l0rk0%22},%22childNodes%22:[],%22id%22:%22cqr2mb0l0rk0%22}]}},%22appearance%22:{%22displayEffect%22:{%22type%22:%22FADE_IN%22},%22backgroundOverlay%22:{%22show%22:true,%22transparency%22:10,%22color%22:%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a0da40bbc41e8d619e241b8ab81ec364e0c5a84d868552c5683250072adf0664 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT content-length 27 x-azure-ref 20240430T050941Z-17859dc676bswpdwn4zp9q5c14000000015000000001qqs8 x-cache CONFIG_NOCACHE content-type text/html
GET H3	200	empty.png cdn.popupsmart.com/assets/	2 KB 0	1ms 1ms	Image image/webp	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.popupsmart.com/assets/empty.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2aadda1266eded7b20436d2ba9b192887e9c1415fdd034ec20599b46da813076 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:41 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CRFF4EM0GCA3WYJN age 659 cf-polished origFmt=png, origSize=15403 x-amz-server-side-encryption AES256 content-disposition inline; filename="empty.webp" alt-svc h3=":443"; ma=86400 content-length 1644 x-amz-id-2 xCQFUj8eFOLfpZNxK7UzQoFHLXAmgXknrn4u4imOHexrK+Xeyxj8/oBIQBLBbfRskNBvdKqVNUU= referrer-policy no-referrer-when-downgrade cf-bgj imgq:85,h2pri last-modified Tue, 07 Mar 2023 12:19:13 GMT server cloudflare etag "afc5d29582999d9f70ec68780e7f4204" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZGuevguCOsOcF25vhCvJNg%2Bb%2BS0NkceD3x4JGCWiV8ki4CLsNEjNr42enDujPck6ipL%2B6mWzwoSHY8ZF3XamcOpS4tR%2B%2BBGknFKCF0lqpqHYff%2BywmoMeID8nAp5Xj8HY36YQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp permissions-policy microphone=() accept-ranges bytes cf-ray 87c50563ee6503dc-FRA
GET H3	200	e9607a29fcf7e8470281014c11f717c2.jpeg cdn.popupsmart.com/uploaded/	171 KB 0	1ms 1ms	Image image/webp	172.67.71.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.popupsmart.com/uploaded/e9607a29fcf7e8470281014c11f717c2.jpeg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f20eec24153276f27225ebf9d224c8b33d7ebf931370ba5cf506a563c01825b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:40 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Y4P7TY1V4MJCPTYF cf-polished qual=85, origFmt=jpeg, origSize=1000392 x-amz-server-side-encryption AES256 content-disposition inline; filename="e9607a29fcf7e8470281014c11f717c2.webp" alt-svc h3=":443"; ma=86400 content-length 174882 x-amz-id-2 DX21H0QAFJficzrhayygE5ICGK6dQqlKG0WV9egY5pluwbb78cWuSsfXPpOvlZWY3Wfdiiz4XhQ= referrer-policy no-referrer-when-downgrade cf-bgj imgq:85,h2pri last-modified Wed, 17 Apr 2024 09:05:58 GMT server cloudflare etag "7a06ec3cbd1b607e32d203310691f727" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxLVg39QXUMCs2%2B44JzT1n7FKA2sw%2FFMYDfFelC%2BlczN05sNqla1dBF1TRBJM600aXe5kqavLAWPW5ZMgBjoW9tyIiwWlvvIho4WPlCSKXTU6rk7Fedkeg%2Fk7IF%2Bbf8B80a45Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=1440 permissions-policy microphone=() accept-ranges bytes cf-ray 87c505623d0103dc-FRA
GET H2	403	cyber-security-in-critical-national-infrastructure-organisations-2024 www.bridewell.com/insights/white-papers/detail/	27 B 27 B	97ms 23ms	Image text/html	2620:1ec:46::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bridewell.com/insights/white-papers/detail/cyber-security-in-critical-national-infrastructure-organisations-2024?utm_source=referral&utm_medium=popup&utm_term=cni-research-2024-popup&utm_content=cni-research-2024&utm_campaign=cni-research-2024%22,%22pageName%22:%22%22,%22countAsInteraction%22:true,%22target%22:%22current-tab%22},%22style%22:{%22marginLeft%22:%220px%22,%22marginRight%22:%220px%22,%22marginTop%22:%228.33px%22,%22marginBottom%22:%228.33px%22,%22width%22:%22100%%22,%22height%22:%22fit-content%22},%22id%22:%22button-1a3tbrvwmb4w%22,%22className%22:%22button-p_1a3tbrvwmb4w%22},%22childNodes%22:[%22%3Cp%20style=\\%22text-align:%20center;\\%22%3EDOWNLOAD%20THE%20RESEARCH%20REPORT%3C/p%3E%22]}]}],%22id%22:%22cqr2mb0l6s80%22},{%22nodeName%22:%22close-button%22,%22attributes%22:{%22style%22:{%22display%22:%22flex%22,%22justifyContent%22:%22center%22,%22alignItems%22:%22center%22,%22position%22:%22absolute%22,%22zIndex%22:%221%22,%22top%22:%220px%22,%22right%22:%220px%22,%22paddingTop%22:%228.33px%22,%22paddingBottom%22:%228.33px%22,%22paddingLeft%22:%228.33px%22,%22paddingRight%22:%228.33px%22,%22marginTop%22:%228.33px%22,%22marginRight%22:%228.33px%22,%22width%22:%2210px%22,%22borderTopLeftRadius%22:%2241.62px%22,%22borderTopRightRadius%22:%2241.62px%22,%22borderBottomLeftRadius%22:%2241.62px%22,%22borderBottomRightRadius%22:%2241.62px%22,%22strokeWidth%22:%221.67px%22,%22transform%22:%22none%22},%22id%22:%22close-button-cqr2mb0l0rk0%22,%22className%22:%22close-button-p_cqr2mb0l0rk0%22},%22childNodes%22:[],%22id%22:%22cqr2mb0l0rk0%22}]},%22desktop%22:{%22id%22:%22canvas%22,%22nodeName%22:%22block%22,%22attributes%22:{%22style%22:{%22display%22:%22grid%22,%22position%22:%22relative%22,%22gridTemplateColumns%22:%22100%%22,%22paddingTop%22:%220px%22,%22paddingBottom%22:%220px%22,%22paddingLeft%22:%220px%22,%22paddingRight%22:%220px%22,%22marginTop%22:%22auto%22,%22marginBottom%22:%2216.64px%22,%22marginLeft%22:%22auto%22,%22marginRight%22:%2216.64px%22,%22maxWidth%22:%22399.46px%22,%22width%22:%22100%%22,%22overflow%22:%22hidden%22,%22height%22:%22auto%22,%22verticalAlign%22:%22middle%22,%22justifyContent%22:%22flex-end%22,%22alignItems%22:%22end%22,%22objectPosition%22:%22bottom%20right%22}},%22childNodes%22:[{%22nodeName%22:%22block%22,%22attributes%22:{%22style%22:{%22position%22:%22relative%22,%22display%22:%22grid%22,%22gridTemplateColumns%22:%22100%%22,%22paddingTop%22:%220px%22,%22paddingBottom%22:%220px%22,%22paddingLeft%22:%220px%22,%22paddingRight%22:%220px%22,%22width%22:%22100%%22,%22height%22:%22100%%22,%22maxWidth%22:%22100%%22,%22overflow%22:%22visible%22,%22marginBottom%22:%220px%22},%22id%22:%22block-cqr2mb0koh40%22,%22className%22:%22block-p_cqr2mb0koh40%22},%22childNodes%22:[{%22id%22:%22cqr2mb0kcm80%22,%22nodeName%22:%22image%22,%22childNodes%22:[],%22attributes%22:{%22src%22:%22https://cdn.popupsmart.com/uploaded/e9607a29fcf7e8470281014c11f717c2.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a0da40bbc41e8d619e241b8ab81ec364e0c5a84d868552c5683250072adf0664 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.bridewell.com/insights/blogs/detail/clearfake-campaign Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:09:42 GMT content-length 27 x-azure-ref 20240430T050942Z-17859dc676bfc8hgvt7fy1xtan0000000a1g00000000qt7w x-cache CONFIG_NOCACHE content-type text/html
GET		cyber-security-in-critical-national-infrastructure-organisations-2024 www.bridewell.com/insights/white-papers/detail/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

px4.ads.linkedin.com

URL

https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4499777&time=1714453779689&url=https%3A%2F%2Fwww.bridewell.com%2Finsights%2Fblogs%2Fdetail%2Fclearfake-campaign&cookiesTest=true&liSync=true&e_ipv6=AQKZ9LXnrr_UCwAAAY8taJkbVVXwHceUYVIlPoPU3pymq1fKwslxBhpD1P1Ql_FwhcQn9dky7rF1

Domain

www.bridewell.com

URL

https://www.bridewell.com/insights/white-papers/detail/cyber-security-in-critical-national-infrastructure-organisations-2024?utm_source=referral&utm_medium=popup&utm_term=cni-research-2024-popup&utm_content=cni-research-2024&utm_campaign=cni-research-2024%22,%22pageName%22:%22%22,%22countAsInteraction%22:true,%22target%22:%22current-tab%22},%22style%22:{%22marginLeft%22:%220px%22,%22marginRight%22:%220px%22,%22marginTop%22:%228.33px%22,%22marginBottom%22:%228.33px%22,%22width%22:%22100%%22,%22height%22:%22fit-content%22},%22id%22:%22button-1a3tbrvwmb4w%22,%22className%22:%22button-p_1a3tbrvwmb4w%22},%22childNodes%22:[%22%3Cp%20style=\\%22text-align:%20center;\\%22%3EDOWNLOAD%20THE%20RESEARCH%20REPORT%3C/p%3E%22]}]}],%22id%22:%22cqr2mb0l6s80%22},{%22nodeName%22:%22close-button%22,%22attributes%22:{%22style%22:{%22display%22:%22flex%22,%22justifyContent%22:%22center%22,%22alignItems%22:%22center%22,%22position%22:%22absolute%22,%22zIndex%22:%221%22,%22top%22:%220px%22,%22right%22:%220px%22,%22paddingTop%22:%228.33px%22,%22paddingBottom%22:%228.33px%22,%22paddingLeft%22:%228.33px%22,%22paddingRight%22:%228.33px%22,%22marginTop%22:%228.33px%22,%22marginRight%22:%228.33px%22,%22width%22:%2210px%22,%22borderTopLeftRadius%22:%2241.62px%22,%22borderTopRightRadius%22:%2241.62px%22,%22borderBottomLeftRadius%22:%2241.62px%22,%22borderBottomRightRadius%22:%2241.62px%22,%22strokeWidth%22:%221.67px%22,%22transform%22:%22none%22},%22id%22:%22close-button-cqr2mb0l0rk0%22,%22className%22:%22close-button-p_cqr2mb0l0rk0%22},%22childNodes%22:[],%22id%22:%22cqr2mb0l0rk0%22}]}},%22appearance%22:{%22displayEffect%22:{%22type%22:%22FADE_IN%22},%22backgroundOverlay%22:{%22show%22:true,%22transparency%22:10,%22color%22:%22