www.thinkbrg.com Open in urlscan Pro
172.64.150.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ecommunications.thinkbrg.com/e/or0mcrprnszknkg/61da5b4b-7290-4d81-8b53-8b8329374e9e
Effective URL:
https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(ex...
Submission: On May 19 via manual (May 19th 2022, 2:12:15 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 61 HTTP transactions. The main IP is 172.64.150.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thinkbrg.com. The Cisco Umbrella rank of the primary domain is 937418.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 7th 2021. Valid for: a year.

This is the only time www.thinkbrg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	108.166.30.176 108.166.30.176	19994 (RACKSPACE) (RACKSPACE)
1 1	162.209.20.37 162.209.20.37	19994 (RACKSPACE) (RACKSPACE)
1 43	172.64.150.158 172.64.150.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.201.125.192 35.201.125.192	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	34.102.193.142 34.102.193.142	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.190.5.192 35.190.5.192	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
61	10

2 108.166.30.176 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

ecommunications.thinkbrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.20.37 (United States) 1 redirects

ASN19994 (RACKSPACE, US)
PTR: v83.vx-email.com

thinkbrg.vuturevx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 172.64.150.158 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.thinkbrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.thinkbrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:7::17d8:4dcd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.125.201.35.bc.googleusercontent.com

cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.142 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 142.193.102.34.bc.googleusercontent.com

ixfd1-api.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com

cdn.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	thinkbrg.com 3 redirects ecommunications.thinkbrg.com www.thinkbrg.com — Cisco Umbrella Rank: 937418 media.thinkbrg.com	10 MB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 501	99 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 497 p.typekit.net — Cisco Umbrella Rank: 633	151 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	bc0a.com cdn.bc0a.com — Cisco Umbrella Rank: 14319 ixfd1-api.bc0a.com — Cisco Umbrella Rank: 28120	17 KB
1	b0e8.com cdn.b0e8.com — Cisco Umbrella Rank: 10571 a1.b0e8.com Failed	22 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	45 KB
1	vuturevx.com 1 redirects thinkbrg.vuturevx.com	257 B
0	doubleclick.net Failed stats.g.doubleclick.net Failed
61	9

	Domain	Requested by
27	www.thinkbrg.com	1 redirects www.thinkbrg.com
16	media.thinkbrg.com	www.thinkbrg.com
6	cdn.cookielaw.org	www.thinkbrg.com cdn.cookielaw.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	use.typekit.net	www.thinkbrg.com use.typekit.net
2	ecommunications.thinkbrg.com	2 redirects
1	cdn.b0e8.com	www.thinkbrg.com
1	ixfd1-api.bc0a.com	cdn.bc0a.com
1	www.googletagmanager.com	www.thinkbrg.com
1	p.typekit.net	use.typekit.net
1	cdn.bc0a.com	www.thinkbrg.com
1	thinkbrg.vuturevx.com	1 redirects
0	stats.g.doubleclick.net Failed	www.google-analytics.com
0	a1.b0e8.com Failed	www.thinkbrg.com
61	14

This site contains links to these domains. Also see Links.

Domain
thinksetmag.com
multimedia.thinkbrg.com
www.linkedin.com
twitter.com
www.youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.thinkbrg.com Entrust Certification Authority - L1K	`2021-07-07` - `2022-08-05`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
cdn.bc0a.com GTS CA 1D4	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
ixfd-api.bc0a.com GTS CA 1D4	`2022-05-10` - `2022-08-08`	3 months	crt.sh
cdn.b0e8.com GTS CA 1D4	`2022-05-14` - `2022-08-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Frame ID: B2A80E4194F1BCB8311DA627E323D0C4
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://ecommunications.thinkbrg.com/e/or0mcrprnszknkg/61da5b4b-7290-4d81-8b53-8b8329374e9e HTTP 302
https://ecommunications.thinkbrg.com/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53-8b83... HTTP 302
https://thinkbrg.vuturevx.com/edit/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53... HTTP 302
http://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20ph... HTTP 301
https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20ph... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

61
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

14
Subdomains

10
IPs

2
Countries

11037 kB
Transfer

12678 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://thinksetmag.com/
Title: ThinkSet Magazine ThinkSet Strategic business consulting news and analysis

Search URL Search Domain Scan URL

URL: https://multimedia.thinkbrg.com/
Title: Digital Multimedia Hub Business focused content, curating webinar and virtual conference recordings, firm and practice overviews, and podcasts from across industries.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/berkeley-research-group-llc/

Search URL Search Domain Scan URL

URL: https://twitter.com/BRGexpert

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BRGexpert

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ecommunications.thinkbrg.com/e/or0mcrprnszknkg/61da5b4b-7290-4d81-8b53-8b8329374e9e HTTP 302
https://ecommunications.thinkbrg.com/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53-8b8329374e9e HTTP 302
https://thinkbrg.vuturevx.com/edit/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53-8b8329374e9e HTTP 302
http://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external) HTTP 301
https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external) Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thinkbrg.com/
Redirect Chain

https://ecommunications.thinkbrg.com/e/or0mcrprnszknkg/61da5b4b-7290-4d81-8b53-8b8329374e9e
https://ecommunications.thinkbrg.com/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53-8b8329374e9e
https://thinkbrg.vuturevx.com/edit/email_handler.aspx?shortUrl=or0mcrprnszknkg&sid=61da5b4b-7290-4d81-8b53-8b8329374e9e
http://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

130 KB
25 KB

699ms
678ms

Document
text/html

172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e631b7a845be3faa30a22a999f05bd08a0ff3c850070ef2dddb1dad93899437b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 70dd6d015c059000-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
content-type: text/html; charset=utf-8
date: Thu, 19 May 2022 14:12:09 GMT
etag: W/"206ae-umlIo42fGP+Iyov/SPgAHaP3oKw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-p: APMAC2
x-powered-by: Express
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 70dd6cffeb299191-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 19 May 2022 14:12:08 GMT
Expires: Thu, 19 May 2022 15:12:08 GMT
Location: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 rog2ylx.css
use.typekit.net/ 40 KB
3 KB 63ms
23ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dcd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rog2ylx.css

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dcd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

70b31621720c33d1d4d06a73ced3c4d000594e5430c305a32b7eff4e445e161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 19 May 2022 14:12:09 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2860

GET
H2 200 e0d762808606f9e25ecf.js Show response
www.thinkbrg.com/_nuxt/ 3 KB
2 KB 62ms
60ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

965bb1d0e0b769a19b6ecfc64bf815459f7c6ea3f5fe13969e3427c134a332c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"b6f-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748ca9000-FRA

GET
H2 200 189c2263fdcddb01f25b.js Show response
www.thinkbrg.com/_nuxt/ 182 KB
63 KB 42ms
40ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/189c2263fdcddb01f25b.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fc0e69bbaa077dc7e14003fa8030c0e70c339f5a179fd2d60ae563df2743de46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"2d651-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748cc9000-FRA

GET
H2 200 04e367980db90b9db946.js Show response
www.thinkbrg.com/_nuxt/ 358 KB
103 KB 78ms
77ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/04e367980db90b9db946.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3b354dc576cfa62cc0f5e18ab1202e5003386059f2f6122537f5c489940e6889

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"598cc-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748ce9000-FRA

GET
H2 200 53831d671a1fba105060.js Show response
www.thinkbrg.com/_nuxt/ 154 KB
33 KB 32ms
30ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/53831d671a1fba105060.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

84c1c0866862385c6e6039a5dc225e9be949003c9ba7027fb5a3212557cf9491

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"267b0-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748d09000-FRA

GET
H2 200 02e3bc2afc5eab04655b.js Show response
www.thinkbrg.com/_nuxt/ 18 KB
5 KB 30ms
29ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/02e3bc2afc5eab04655b.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d737a6e31bf715e2d40ce46c531e9d6934e240b1d06bfe5d6ee64616c06c4844

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 187777
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"4640-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748d19000-FRA

GET
H2 200 f50d4f0f705d5abbbb95.js Show response
www.thinkbrg.com/_nuxt/ 21 KB
5 KB 32ms
31ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/f50d4f0f705d5abbbb95.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

00cdbf01caa8254efb21c888829e9d2ba04a8f2a31c1044925fdcfcee14cb4a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87407
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"54ef-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748d29000-FRA

GET
H2 200 3c732203b6a51bc4e60f.js Show response
www.thinkbrg.com/_nuxt/ 33 KB
7 KB 48ms
47ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/3c732203b6a51bc4e60f.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

aeedd2ecd054f1376d292f29a88f93555ff6884d07f98a4a3c5faad2305c290c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 173438
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"8238-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0748d39000-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 54ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +q2Bd0SvXowDeesSOf+0yw==
age: 6678
vary: Accept-Encoding
content-length: 6782
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:29 GMT
server: cloudflare
etag: 0x8DA3822B23D0DE9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d4700742-d01e-00d7-241e-6a92c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d078d210219-ZRH

GET
H2 200 autopilot_sdk.js Show response
cdn.bc0a.com/autopilot/f00000000269920/ 46 KB
16 KB 38ms
7ms Script
application/javascript 35.201.125.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bc0a.com/autopilot/f00000000269920/autopilot_sdk.js
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2bbf5e81f5a6d5bbbf314259dfa7260b734cefed65143a089cc8a4c9d1eee44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-meta-marvel_enabled: true
content-encoding: gzip
age: 2321
x-guploader-uploadid: ADPycdtzm4NNPCk6VkfzLx8WovaUtdIcsWEV__gKH5Kn8DYLySVJhf4nQRaBEn47f01XGQ4N4YRlBzaxGirrQbmqDTWW1-5_kBP9
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist: ixf
x-goog-stored-content-encoding: gzip
x-goog-meta-publishingdate: 2021-12-20 19:01:13
x-goog-meta-sdk_canonical_protocol
etag: "e393e8c325109a100fdbf01b4870422a"
vary: Accept-Encoding
x-goog-generation: 1640026873248391
content-language: en
access-control-allow-origin: *
x-goog-meta-custom: true
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-meta-spa: false
expires: Thu, 19 May 2022 14:33:28 GMT
x-goog-meta-sdk_version: 1.5.2
date: Thu, 19 May 2022 13:33:28 GMT
x-goog-meta-sdk_account_id: f00000000269920
x-goog-meta-sdk_request_parameters_case_sensitive: false
x-goog-meta-marvel_config_consistency_custom: {"data-testmode":true,"data-customerid":"f00000000269920"}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15464
x-goog-meta-content_only: false
x-goog-meta-sdk_log_level: 2
last-modified: Mon, 20 Dec 2021 19:01:13 GMT
server: UploadServer
x-goog-hash: crc32c=V0ewvA==, md5=45PowyUQmhAP2/AbSHBCKg==
x-goog-stored-content-length: 15464
accept-ranges: bytes
content-type: application/javascript
x-goog-meta-marvel_test_mode: false
x-goog-meta-disable_debug_elements: false

GET
H2 200 brg_logo_color.svg
media.thinkbrg.com/wp-content/uploads/2020/03/19094854/ 5 KB
2 KB 97ms
59ms Image
image/svg+xml 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/03/19094854/brg_logo_color.svg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ada603a45178f3942de75eb4fefd369d74eae20190f5dbaf7a9f080f736adff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 4759d374f81c150e013482837b3363f2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: QRO51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-encoding: br
last-modified: Fri, 19 Jun 2020 14:48:55 GMT
server: cloudflare
etag: W/"091bd6d39d80f18d38726053e7916ae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
cf-ray: 70dd6d07e9e79000-FRA
x-amz-cf-id: 9MmD5BXV_MhjNTDazqMKqQTUwyQxS8liYMHdAKqog6sfD0xHI-s0sw==
expires: Sat, 19 Jun 2021 14:48:54 GMT

GET
H2 200 logo-white-1.svg
media.thinkbrg.com/wp-content/uploads/2020/03/27130447/ 5 KB
2 KB 55ms
55ms Image
image/svg+xml 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/03/27130447/logo-white-1.svg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9ac2aeda2c103f1b53551296b48dcb85287badbccbe2c70497f26c49eab412

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 bab4cca0b6f8240290c0a06b095a77a8.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: QRO51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-encoding: br
last-modified: Mon, 27 Jul 2020 18:04:49 GMT
server: cloudflare
etag: W/"5b3de9127c1ffbffc516b25314760cd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
cf-ray: 70dd6d080a0f9000-FRA
x-amz-cf-id: y7570-ED7pVlUESzUzOT1Y77r8CMjbTtiXtf9-OQ2YRgYOrBq2D2ww==
expires: Tue, 27 Jul 2021 18:04:47 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 51ms
11ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dc7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rog2ylx&ht=tk&f=18058.18059.18060.18065.14584.14585.14586.14587.9869.9870.9871.9872.18099.18100.18101.18106.18182.18183.18184.18189.18138.18139.18140.18145.18168.18169.18170.18175.18209.18210.18211.18212.18338.18339.18340.18345.18350.18351.18352.18357.18288.18289.18290.18295.18021.18022.18023.18028.18046.18047.18048.18053.18126.18127.18128.18133&a=18648512&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rog2ylx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/rog2ylx.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 8fb9ed0b-bf2f-4441-93f0-353ed0b243ed.json Show response
cdn.cookielaw.org/consent/8fb9ed0b-bf2f-4441-93f0-353ed0b243ed/ 2 KB
2 KB 78ms
41ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8fb9ed0b-bf2f-4441-93f0-353ed0b243ed/8fb9ed0b-bf2f-4441-93f0-353ed0b243ed.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1dd3b4f863f1c12b80dff634f96e105d53e8010cda80f68c74bb0d61b3b8e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bq+IBRj5N2aAZAPfTQxD4Q==
age: 8430
vary: Accept-Encoding
content-length: 1023
x-ms-lease-status: unlocked
last-modified: Tue, 11 Aug 2020 22:14:12 GMT
server: cloudflare
etag: 0x8D83E43E076C8BE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 203ff029-d01e-011f-5c10-0645a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d085908cc62-ZRH
expires: Thu, 19 May 2022 18:12:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
45 KB 61ms
24ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P97RCDT

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

601dd57db68f45c5569cc09fc4083c0916876ae4cd05bed33b054441e715aa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45428
x-xss-protection: 0
last-modified: Thu, 19 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 14:12:09 GMT

GET
H2 200 1225880625 Show response
ixfd1-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000269920/ 4 KB
1 KB 44ms
15ms XHR
application/json 34.102.193.142
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ixfd1-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000269920/1225880625?client=js_sdk&client_version=1.5.2&orig_url=https%3A%2F%2Fwww.thinkbrg.com%2F%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520(external)&base_url=https%3A%2F%2Fwww.thinkbrg.com%2F&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36
Requested by: Host: cdn.bc0a.com
URL: https://cdn.bc0a.com/autopilot/f00000000269920/autopilot_sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.142 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 142.193.102.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: 92336d96303f77c45ae868477ca2a25cd97f8e3efe51e29a0bc1d9dfb9d432b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-be-pop: BRU-1-302
date: Thu, 19 May 2022 14:12:06 GMT
content-encoding: br
server: bws/1.0
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 b764317b0daefd30f3e9e0bcd06e859c.svg
www.thinkbrg.com/_nuxt/ 11 KB
4 KB 34ms
34ms Other
image/svg+xml 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/b764317b0daefd30f3e9e0bcd06e859c.svg

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9b118992e14947a711675672b98c54f02c80ce830617ad3441aa5b630c3e6b2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87409
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"2dc6-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d081a289000-FRA

GET
H2 200 carrot.svg
www.thinkbrg.com/images/icons/ 145 B
270 B 521ms
521ms Image
image/svg+xml 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thinkbrg.com/images/icons/carrot.svg

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3a23d1f15b59b8733c0ffc9b487d298df0e401fc73dea010404e61bea0d14285

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:04:12 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"91-17f425ccb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d081a2b9000-FRA

GET
H2 200 l
use.typekit.net/af/3f55d3/00000000000000000001313f/27/ 28 KB
28 KB 61ms
15ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dcd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3f55d3/00000000000000000001313f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rog2ylx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1073d4be6104263885812287136307ed9d80de41fa8493bee260b64dfc888560

Request headers

Referer: https://use.typekit.net/rog2ylx.css
Origin: https://www.thinkbrg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
server: nginx
etag: "c8e3a5f2a91f7f8bff7150e68dc135cf4be8e197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28792

GET
H2 200 DINProMedium.woff2
www.thinkbrg.com/fonts/ 28 KB
29 KB 36ms
35ms Font
font/woff2 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/fonts/DINProMedium.woff2

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

71e0eea3a1a9774d9850430ac1d4f1797a012d7791cd5964170421f9b4ccd873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Origin: https://www.thinkbrg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85941
x-powered-by: Express
vary: Accept-Encoding
content-length: 28372
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:04:12 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"6ed4-17f425ccb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
accept-ranges: bytes
cf-ray: 70dd6d081a349000-FRA

GET
H2 200 DINProRegular.woff2
www.thinkbrg.com/fonts/ 27 KB
28 KB 40ms
40ms Font
font/woff2 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/fonts/DINProRegular.woff2

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

436b4b2f22e21354276f6d7e9ceece84369d156b645d98fb6019fe3c08cb2c84

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Origin: https://www.thinkbrg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20149
x-powered-by: Express
vary: Accept-Encoding
content-length: 28156
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:04:12 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"6dfc-17f425ccb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
accept-ranges: bytes
cf-ray: 70dd6d081a369000-FRA

GET
H2 200 bg.jpg
www.thinkbrg.com/images/hero-homepage/ 278 KB
279 KB 743ms
743ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thinkbrg.com/images/hero-homepage/bg.jpg

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6ec9aee7875d3e27527cf527945e4fb3d69b2a0e4ae9f0cec1867b26e61e661b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-powered-by: Express
vary: Accept-Encoding
content-length: 285014
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:04:12 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"45956-17f425ccb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
cache-control: no-cache, no-store
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
accept-ranges: bytes
cf-ray: 70dd6d083a809000-FRA

GET
H2 200 BRG-Homepage-Test-2.jpg
media.thinkbrg.com/wp-content/uploads/2020/07/01161733/ 759 KB
760 KB 41ms
41ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/07/01161733/BRG-Homepage-Test-2.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc0f0e11c15fbb4017d7aaea72bcf2912cacd5e72cfe7244c8e1b0a36d7ff3e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 777261
last-modified: Wed, 01 Jul 2020 21:17:34 GMT
server: cloudflare
etag: "1bc1b72472a9f6eddb9acc77106d7681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d083a839000-FRA
x-amz-cf-id: ip5bemzDJ9vYtkMdWSpRtZc2IS2vmDWQq666Y5fllNIW_g8ALyuUkw==
expires: Thu, 01 Jul 2021 21:17:33 GMT

GET
H2 200 BRG-Homepage-Services-CorpFin.jpg
media.thinkbrg.com/wp-content/uploads/2020/06/01193416/ 495 KB
496 KB 42ms
42ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/06/01193416/BRG-Homepage-Services-CorpFin.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedc658ad6195b90ce88281bf87a7263ff6e21282dca4154df976de9f56d5ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 507385
last-modified: Thu, 02 Jul 2020 00:34:17 GMT
server: cloudflare
etag: "e77d60790c5b6824c5fea541b25c80c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d083a849000-FRA
x-amz-cf-id: 7vR2xUall4zzyz4Gev8LfxBl1qJWGEvC1v0WGwTZGn29qj-Vvl387Q==
expires: Fri, 02 Jul 2021 00:34:16 GMT

GET
H2 200 BRG-Homepage-Services-Disputes.jpg
media.thinkbrg.com/wp-content/uploads/2020/06/01193544/ 486 KB
487 KB 68ms
67ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/06/01193544/BRG-Homepage-Services-Disputes.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc3a97c1848d3500e53de904714118de356082640561bac83ca49a7bbc79099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 497881
last-modified: Thu, 02 Jul 2020 00:35:46 GMT
server: cloudflare
etag: "ca3c2256c3007cac58d1f33014474230"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d083a869000-FRA
x-amz-cf-id: DAk23viPKF-K56Ek5YLmbL9PPLfnU2BVu54XJbHL80g3Kl5u2bKngQ==
expires: Fri, 02 Jul 2021 00:35:44 GMT

GET
H2 200 BRG-Homepage-Services-Performance.jpg
media.thinkbrg.com/wp-content/uploads/2020/06/01193637/ 292 KB
292 KB 82ms
81ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/06/01193637/BRG-Homepage-Services-Performance.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9e2cd725c5f012e07938cf6d6e1ac0a60bf2c94f69c9e863a6da1ca635530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 298654
last-modified: Thu, 02 Jul 2020 00:36:38 GMT
server: cloudflare
etag: "75957b8ee38b5fa610cd104c3f76aeb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d084a879000-FRA
x-amz-cf-id: 8fHFaV7WTow2n0jTSv0ms174Y7IFVRAsUsRNwXmkesqIyFA4c1iTZw==
expires: Fri, 02 Jul 2021 00:36:37 GMT

GET
H2 200 l
use.typekit.net/af/176972/000000000000000000013024/27/ 119 KB
120 KB 36ms
17ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dcd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/176972/000000000000000000013024/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rog2ylx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f479dbcb2d8369bf46692293768dd3a901ae4b57fd8aae023b77536b86f8b20a

Request headers

Referer: https://use.typekit.net/rog2ylx.css
Origin: https://www.thinkbrg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
server: nginx
etag: "6ba92e3c2781b5db6ca62f5e6a7ba9dbb98932c5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 122140

GET
H2 200 conv_v3.js Show response
cdn.b0e8.com/ 67 KB
22 KB 53ms
15ms Script
application/javascript 35.190.5.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.b0e8.com/conv_v3.js
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.5.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:08:32 GMT
content-encoding: gzip
age: 217
x-guploader-uploadid: ADPycdvbzR_G0pwN4rHcT9PXb4WOYCN8CeUT6llig-nDyH5drLqXOceXlg39jMQXOoDVCUpZmLGyYlFYTeekxjRFQUYFHIY-unDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21573
last-modified: Wed, 23 Mar 2022 23:53:55 GMT
server: UploadServer
etag: "0acedbfc86d9cc291bf807c3fe3ea666"
vary: Accept-Encoding
x-goog-hash: crc32c=lWvUnQ==, md5=Cs7b/IbZzCkb+AfD/j6mZg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1648079635204763
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21573
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 May 2022 15:08:32 GMT

GET
H2 200 bg.jpg
www.thinkbrg.com/images/footer/ 566 KB
566 KB 794ms
794ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thinkbrg.com/images/footer/bg.jpg

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

105efa25e6e0bc483effbf185e6d8b9310b734e2cf85bacd7f85739d79a86305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-powered-by: Express
vary: Accept-Encoding
content-length: 579285
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:04:12 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"8d6d5-17f425ccb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
cache-control: no-cache, no-store
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
accept-ranges: bytes
cf-ray: 70dd6d089b469000-FRA

GET
H2 200 35eb197b762d732e324e.js Show response
www.thinkbrg.com/_nuxt/ 135 KB
36 KB 35ms
34ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/35eb197b762d732e324e.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cb0c7cdd0d61627c83ea22319ba6e0a921ef27b8b11e568cceba696f3068b96e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87407
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"21d99-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d08dbaa9000-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.4.0/ 324 KB
68 KB 30ms
30ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OXmd51EQ9oHx+DG8SQeJEg==
age: 18374626
vary: Accept-Encoding
content-length: 68972
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:11 GMT
server: cloudflare
etag: 0x8D83F44153EEB2B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d84ad125-801e-0003-786c-c4dbe1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d08efbd0219-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P97RCDT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20(external)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2243
date: Thu, 19 May 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 19 May 2022 15:34:46 GMT

GET
H2 200 BRG-Insights-Legal-17.jpg
media.thinkbrg.com/wp-content/uploads/2020/10/26113905/ 707 KB
708 KB 36ms
36ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/10/26113905/BRG-Insights-Legal-17.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58e672ddb75c4f6487faeb8478adcd6fb70eedad15e584f0b0d60ee757a6cfb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 723740
last-modified: Mon, 26 Oct 2020 16:39:07 GMT
server: cloudflare
etag: "8489a0729c2236314bbfe087216beb9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .Y_GSDH7CsW6tJSDCTJgmDfiOHl7uTLR
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fae9000-FRA
x-amz-cf-id: G3iJSFbEGlx4VBjQb4FhyfGMqBoXr1LvYRsjLB-xpR8gN75snFDJLw==
expires: Tue, 26 Oct 2021 16:39:05 GMT

GET
H2 200 BRG-Insights-Technology-21.jpg
media.thinkbrg.com/wp-content/uploads/2021/07/09183235/ 590 KB
591 KB 37ms
36ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2021/07/09183235/BRG-Insights-Technology-21.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e92b5e3890aa99b5e0ecab12786b754d0f208af9c1e1e4220e1a9c43c3a3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 603985
last-modified: Fri, 09 Jul 2021 23:32:36 GMT
server: cloudflare
etag: "1fd0cf7f7fff3a63578b5c3f3654005f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yiaga9y8ExebAqOFUqd6HIS7.7Eb.Ap0
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fb39000-FRA
x-amz-cf-id: Ct_GzQFUT319AOKlx1573cjnuid6HMDRE7jzTR3XPDMDFu0CeqSPaQ==
expires: Sat, 09 Jul 2022 23:32:35 GMT

GET
H2 200 BRG-Insights-Tech-2-19.jpg
media.thinkbrg.com/wp-content/uploads/2022/04/04114328/ 359 KB
360 KB 77ms
77ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2022/04/04114328/BRG-Insights-Tech-2-19.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ef016642723cc60a2b1405a9b8e8133706a4ca85ee1bb5f4ca222f726eaf25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 368097
last-modified: Wed, 04 May 2022 16:43:29 GMT
server: cloudflare
etag: "1b51b8bcd9735466a1935c60e6610104"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4O6tgGkHBZUOD06KlBxrgUDBAc4FpxUP
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fb49000-FRA
x-amz-cf-id: fcul7mtsG2FoUWoM8wbnJrIqkwnQv_qbJF5Z-D6sCm7ioa3u8kj1eQ==
expires: Thu, 04 May 2023 16:43:28 GMT

GET
H2 200 BRG-Insights-Corporate-2-15.jpg
media.thinkbrg.com/wp-content/uploads/2021/06/18150421/ 826 KB
827 KB 62ms
62ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2021/06/18150421/BRG-Insights-Corporate-2-15.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f000d94e27ed9da2c25a5f25ef5c577fa337e5324103e588a2cccd52c0175a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 845726
last-modified: Fri, 18 Jun 2021 20:04:22 GMT
server: cloudflare
etag: "30e7c75dabd7b845e38f492764a5e8b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: JryNmvmUZYWUkBO0uFLSWKT48DGRDbLc
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fb69000-FRA
x-amz-cf-id: jw6Z7RZKpBN91YwqH-MHZ9qrRW4Q9UfeQBub5iEKnG0qTOqnr1cdxg==
expires: Sat, 18 Jun 2022 20:04:21 GMT

GET
H2 200 BRG-Insights-Construction_19.jpg
media.thinkbrg.com/wp-content/uploads/2022/04/12105458/ 1008 KB
1010 KB 74ms
74ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2022/04/12105458/BRG-Insights-Construction_19.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e451071033c794d137cca1dd26ce679f0c81b6acd831025a734c42565d65f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 1032569
last-modified: Tue, 12 Apr 2022 15:55:00 GMT
server: cloudflare
etag: "1d5857d8e12b4df0574febcc1db1597d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: xARLRXLt3dVgl.kodLoc.bj8nb.3zWx1
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fb79000-FRA
x-amz-cf-id: X8Fm3USZ4s_upUHHCG2Piutfat0lwTqqMHttuC7OqqNnK1hAQ2k0vg==
expires: Wed, 12 Apr 2023 15:54:58 GMT

GET
H2 200 BRG-Homepage-Services-Performance-Board.jpg
media.thinkbrg.com/wp-content/uploads/2020/06/02151957/ 470 KB
471 KB 69ms
68ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/06/02151957/BRG-Homepage-Services-Performance-Board.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f8b5c40b7f0aa213db628ff0aa28d992ce94f0d736e9a620c790f2655d0660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 481369
last-modified: Thu, 02 Jul 2020 20:19:58 GMT
server: cloudflare
etag: "a3efd8a79a196ef473e10f9ae3285329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b2fbf9000-FRA
x-amz-cf-id: gcr_3039jVV76iGPe2ZrecKk8atvo7EV2xJsrLHGzQ4N53Jv0dtYlw==
expires: Fri, 02 Jul 2021 20:19:57 GMT

GET
H2 200 TS6_interview.png
media.thinkbrg.com/wp-content/uploads/2020/07/07175810/ 2 MB
2 MB 57ms
57ms Image
image/png 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/07/07175810/TS6_interview.png
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5afa04b55596eabb02e015ced561a054a62c82d73079fb7d751c0561665dac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
content-length: 1635659
last-modified: Tue, 07 Jul 2020 22:58:11 GMT
server: cloudflare
etag: "98f0b9e99b94f29c5c1f18967ee9141a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0b98749000-FRA
x-amz-cf-id: mda9-ywGbBn385NDUiWY23W8LWhf2zCDLudWUsHfSmymSBFT3A27aA==
expires: Wed, 07 Jul 2021 22:58:10 GMT

GET
H2 200 BRG-Website-VideoHub-HomePage.jpg
media.thinkbrg.com/wp-content/uploads/2021/09/13092655/ 288 KB
289 KB 46ms
45ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2021/09/13092655/BRG-Website-VideoHub-HomePage.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3e09a6c6edfd8bf3c71591ca99118b0a94fc8b3c46528c7ba6db17d4d679fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 295091
last-modified: Mon, 13 Sep 2021 14:26:56 GMT
server: cloudflare
etag: "35d8407fd9396edf4f2ea4f0ddbe09da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WUl_dpYmPFeTe1uLwv.qxlnT9CXYbGU3
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0bb8ad9000-FRA
x-amz-cf-id: NfZibEEr_7NRC8azlBMeAqoRXLQWPrLmc6XEG1JWUiy6E2hm-qhxzg==
expires: Tue, 13 Sep 2022 14:26:55 GMT

GET
H2 200 BRG-Insights_Finance_25.jpg
media.thinkbrg.com/wp-content/uploads/2021/10/19150150/ 535 KB
536 KB 96ms
95ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2021/10/19150150/BRG-Insights_Finance_25.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a9369563a14ddd63ccb43c3d12210c338ef3e67b02e9bcbd281342befc5554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 547506
last-modified: Tue, 19 Oct 2021 20:01:52 GMT
server: cloudflare
etag: "e4ae226456b86bcdf9edf5bf4bb11ee6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .M610LC4HficlsQ8UAR.4PskfE394MRm
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0bc8c89000-FRA
x-amz-cf-id: zUirfBKIv4WBmT3CEjUVzF3YbU1K2uU-amaNCqUknB2IuBf5vy4D0w==
expires: Wed, 19 Oct 2022 20:01:50 GMT

GET
H2 200 BRG-Insights-Tech-2-8.jpg
media.thinkbrg.com/wp-content/uploads/2020/09/11181734/ 959 KB
960 KB 82ms
81ms Image
image/jpeg 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thinkbrg.com/wp-content/uploads/2020/09/11181734/BRG-Insights-Tech-2-8.jpg
Requested by: Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366a7a910e45bfc8f7d67bf49d81f4e2acf3a1686360d0c1bf347293b0e26558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 981841
last-modified: Fri, 11 Sep 2020 23:17:35 GMT
server: cloudflare
etag: "5bf2f5630bd33c8988d3a3e7220b0d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9NuffAbe6Z_zLwEGWBlR6g7RpmZxZKJU
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70dd6d0bc8cc9000-FRA
x-amz-cf-id: KUrY5VUYC9z55YFhkGCyUO3VczwbGM_U2b5kr30SenESDC6e_Gyl9Q==
expires: Sat, 11 Sep 2021 23:17:34 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8fb9ed0b-bf2f-4441-93f0-353ed0b243ed/b072924d-3a5f-49a7-a7f7-d07ef871bfaa/ 14 KB
5 KB 24ms
24ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8fb9ed0b-bf2f-4441-93f0-353ed0b243ed/b072924d-3a5f-49a7-a7f7-d07ef871bfaa/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d75e053cdab56b9a6c546b01b6c2c708dcec71b9dcb25a7a937f1c0f250964d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HkR9gaWzijrziwrLrUalVQ==
age: 8431
vary: Accept-Encoding
content-length: 4642
x-ms-lease-status: unlocked
last-modified: Tue, 11 Aug 2020 22:14:13 GMT
server: cloudflare
etag: 0x8D83E43E1089BA5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b8920fa-401e-005a-5a18-06de67000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d0b3c61cc62-ZRH
expires: Thu, 19 May 2022 18:12:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 34ms
34ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=675555140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thinkbrg.com%2F%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520%2528external%2529&ul=en-us&de=UTF-8&dt=BRG%20%7C%20Global%20Consulting%20Firm%20%7C%20Disputes%20%7C%20Corporate%20Finance%20%7C%20Performance%20Improvement%20%7C%20Berkeley%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1838014950&gjid=2123993206&cid=848619598.1652969530&tid=UA-3105905-9&_gid=955814338.1652969530&_r=1&gtm=2wg5b0P97RCDT&z=1672669790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 May 2022 14:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thinkbrg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET brightedge3.php
a1.b0e8.com/ 0
0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 12 KB
3 KB 24ms
24ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6gV+HVzh3FZtolGVOUCRaQ==
age: 8431
vary: Accept-Encoding
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:04 GMT
server: cloudflare
etag: 0x8D83F4410917650
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c174cd40-c01e-00e1-2210-063f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d0bbcf1cc62-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 61 KB
15 KB 38ms
38ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 May 2022 14:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ks8d5YTomxp0YggJVomz8A==
age: 8431
vary: Accept-Encoding
content-length: 14901
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:04 GMT
server: cloudflare
etag: 0x8D83F4410E34EE2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9bc0034b-b01e-0066-0b10-066abc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70dd6d0bbcf4cc62-ZRH

POST collect
stats.g.doubleclick.net/j/ 0
0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 64c185b5271ed8c95244.js Show response
www.thinkbrg.com/_nuxt/ 22 KB
6 KB 38ms
33ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/64c185b5271ed8c95244.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4cb38153c599be0c818af1145fb39feb79bce20a4a5a2e65e5764318573f36e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85941
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"5725-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c397d9000-FRA

GET
H2 200 82a6a488f7454e9b990f.js Show response
www.thinkbrg.com/_nuxt/ 131 KB
35 KB 47ms
38ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/82a6a488f7454e9b990f.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba0ebf726ea8710e3e0ad4b8498e7f3de91c1822ed0a80bbfbc4faf2631c9f5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"20c9a-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a09000-FRA

GET
H2 200 b74b8270bd0529bd5e29.js Show response
www.thinkbrg.com/_nuxt/ 33 KB
8 KB 58ms
50ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/b74b8270bd0529bd5e29.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ceee6b0ebecaee2559fdd4e989a1c4c46d8920c7bd87a84a7a09c1f12a891db5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85941
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"853f-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a29000-FRA

GET
H2 200 dc342d8000a399d5e097.js Show response
www.thinkbrg.com/_nuxt/ 25 KB
6 KB 50ms
38ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/dc342d8000a399d5e097.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e2897803c29f87d46f063cc77e140704c84704099a2781bcc12ae79ac7953274

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85941
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"6474-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a49000-FRA

GET
H2 200 6bfd9261a78cf0391f55.js Show response
www.thinkbrg.com/_nuxt/ 49 KB
11 KB 37ms
29ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/6bfd9261a78cf0391f55.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

12a75c4387432e29d1a329e701368f413ea9b2746f347af1d00a2550ea795063

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 173437
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"c48d-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a59000-FRA

GET
H2 200 d7455bb045bd275b4c57.js Show response
www.thinkbrg.com/_nuxt/ 19 KB
6 KB 51ms
43ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/d7455bb045bd275b4c57.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

92a651a35bfbc26c00c2f144e86b745c7867ff3f559a71d84e9509a6d727a7a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 87410
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"4a6f-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a69000-FRA

GET
H2 200 2379db17f67655695c2c.js Show response
www.thinkbrg.com/_nuxt/ 49 KB
11 KB 55ms
49ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/2379db17f67655695c2c.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9cdc21b0a107c7d574481e63272360383acac767144b9edfd128b1f287fd2eb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85942
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"c5bf-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49a79000-FRA

GET
H2 200 aa90764b82aeccd311b8.js Show response
www.thinkbrg.com/_nuxt/ 15 KB
4 KB 50ms
44ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/aa90764b82aeccd311b8.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

60e8104f628b6f0b8adfd125a686e6cfda57cb25d2e426e7a204b1d675fdc8e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62711
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC1
x-frame-options: SAMEORIGIN
etag: W/"3bf6-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49ab9000-FRA

GET
H2 200 b92b3a85ee74027267a9.js Show response
www.thinkbrg.com/_nuxt/ 6 KB
2 KB 40ms
35ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/b92b3a85ee74027267a9.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6a3df7544d9bea8e04aedad55c22b8c64f4201fed7fa692ba45f9c81de2a4c90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85942
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"17ac-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49ac9000-FRA

GET
H2 200 7249291cc899f9d910df.js Show response
www.thinkbrg.com/_nuxt/ 29 KB
8 KB 34ms
28ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/7249291cc899f9d910df.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f82dd28dca4da4851c19cb5d6ff1be54d6f3ac7be41dd8e3ffd856d368a46b1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 173437
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"7280-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49ad9000-FRA

GET
H2 200 88efea1787eb3d3d465f.js Show response
www.thinkbrg.com/_nuxt/ 55 KB
13 KB 42ms
37ms Script
application/javascript 172.64.150.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thinkbrg.com/_nuxt/88efea1787eb3d3d465f.js

Requested by

Host: www.thinkbrg.com
URL: https://www.thinkbrg.com/_nuxt/e0d762808606f9e25ecf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

caac6f849fe9416c945315c9378f5c201fd68eb95e1e5eece92e406cb2c13fb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:12:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20130
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 22:05:11 GMT
server: cloudflare
x-p: APMAC2
x-frame-options: SAMEORIGIN
etag: W/"dccf-17f425db1d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.bc0a.com *.b0e8.com api.brightedge.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com; object-src 'self'; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.vimeo.com vimeo.com *.gstatic.com *.oniqa.com *.cookielaw.org *.onistaged.com *.typekit.net *.onenorth.com *.thinkbrg.com *.vidyard.com data:; font-src 'self' *.typekit.net data:;
cf-ray: 70dd6d0c49ae9000-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=675555140&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.thinkbrg.com%2F%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520%2528external%2529&ul=en-us&de=UTF-8&dt=BRG%20%7C%20Global%20Consulting%20Firm%20%7C%20Disputes%20%7C%20Corporate%20Finance%20%7C%20Performance%20Improvement%20%7C%20Berkeley%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=848619598.1652969530&tid=UA-3105905-9&_gid=955814338.1652969530&gtm=2wg5b0P97RCDT&z=794337154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 09:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16736
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a1.b0e8.com
URL: https://a1.b0e8.com/brightedge3.php?id=f00000000269920&p_id=8NRAPNJ4J8N4RL48LNPA8JJ48AAAAAAAAH&bf=94fc23dd2d3f345eda8c8cd38d9e5964&url=https%3A//www.thinkbrg.com/%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520%28external%29&ref=&bn=1&bv=3.44&title=BRG%20%7C%20Global%20Consulting%20Firm%20%7C%20Disputes%20%7C%20Corporate%20Finance%20%7C%20Performance%20Improvement%20%7C%20Berkeley%20Research%20Group&metadesc=Berkeley%20Research%20Group%2C%20LLC%20%28BRG%29%20is%20a%20global%20consulting%20firm%20that%20helps%20leading%20organizations%20advance%20in%20three%20key%20areas%3A%20disputes%20and%20investigations%2C%20corporate%20finance%2C%20and%20performance%20improvement%20and%20advisory.&metakeywords=&s_id=PNRAPNJ4J8N4RL6RJLLA8JJ48AAAAAAAAH

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3105905-9&cid=848619598.1652969530&jid=1838014950&gjid=2123993206&_gid=955814338.1652969530&_u=YEBAAEAAAAAAAC~&z=1854700538

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thinkbrg.com/	1970-01-20 20:40:41	Name: _ga Value: GA1.2.848619598.1652969530
.thinkbrg.com/	1970-01-20 03:10:55	Name: _gid Value: GA1.2.955814338.1652969530
.thinkbrg.com/	1970-01-20 03:09:29	Name: _gat_UA-3105905-9 Value: 1
.thinkbrg.com/	1970-02-26 07:57:29	Name: BE_CLA3 Value: p_id%3D8NRAPNJ4J8N4RL48LNPA8JJ48AAAAAAAAH%26bf%3D94fc23dd2d3f345eda8c8cd38d9e5964%26bn%3D1%26bv%3D3.44%26s_expire%3D1653055930153%26s_id%3DPNRAPNJ4J8N4RL6RJLLA8JJ48AAAAAAAAH
.thinkbrg.com/	1970-01-20 11:55:05	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+May+19+2022+14%3A12%3A10+GMT%2B0000+(GMT)&version=6.4.0&hosts=&landingPath=https%3A%2F%2Fwww.thinkbrg.com%2F%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520%2528external%2529&groups=C0002%3A0%2CC0001%3A1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.thinkbrg.com/?utm_source=vuture&utm_medium=email&utm_campaign=it%20alert%20-%20areli%20phishing%20email%20%28external%29 Message: Refused to load the image 'https://a1.b0e8.com/brightedge3.php?id=f00000000269920&p_id=8NRAPNJ4J8N4RL48LNPA8JJ48AAAAAAAAH&bf=94fc23dd2d3f345eda8c8cd38d9e5964&url=https%3A//www.thinkbrg.com/%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3Dit%2520alert%2520-%2520areli%2520phishing%2520email%2520%28external%29&ref=&bn=1&bv=3.44&title=BRG%20%7C%20Global%20Consulting%20Firm%20%7C%20Disputes%20%7C%20Corporate%20Finance%20%7C%20Performance%20Improvement%20%7C%20Berkeley%20Research%20Group&metadesc=Berkeley%20Research%20Group%2C%20LLC%20%28BRG%29%20is%20a%20global%20consulting%20firm%20that%20helps%20leading%20organizations%20advance%20in%20three%20key%20areas%3A%20disputes%20and%20investigations%2C%20corporate%20finance%2C%20and%20performance%20improvement%20and%20advisory.&metakeywords=&s_id=PNRAPNJ4J8N4RL6RJLLA8JJ48AAAAAAAAH' because it violates the following Content Security Policy directive: "img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3105905-9&cid=848619598.1652969530&jid=1838014950&gjid=2123993206&_gid=955814338.1652969530&_u=YEBAAEAAAAAAAC~&z=1854700538' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .bc0a.com .b0e8.com api.brightedge.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com; object-src 'self'; img-src 'self' .amazonaws.com .google.com .google-analytics.com .googletagmanager.com .youtube.com .vimeo.com vimeo.com .gstatic.com .oniqa.com .cookielaw.org .onistaged.com .typekit.net .onenorth.com .thinkbrg.com .vidyard.com data:; font-src 'self' *.typekit.net data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.b0e8.com
cdn.b0e8.com
cdn.bc0a.com
cdn.cookielaw.org
ecommunications.thinkbrg.com
ixfd1-api.bc0a.com
media.thinkbrg.com
p.typekit.net
stats.g.doubleclick.net
thinkbrg.vuturevx.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
www.thinkbrg.com
a1.b0e8.com
stats.g.doubleclick.net
108.166.30.176
162.209.20.37
172.64.150.158
2606:4700::6810:9540
2a00:1450:4001:802::2008
2a00:1450:4001:813::200e
2a02:26f0:3500:7::17d8:4dc7
2a02:26f0:3500:7::17d8:4dcd
34.102.193.142
35.190.5.192
35.201.125.192
00cdbf01caa8254efb21c888829e9d2ba04a8f2a31c1044925fdcfcee14cb4a1
00e92b5e3890aa99b5e0ecab12786b754d0f208af9c1e1e4220e1a9c43c3a3d8
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
06ef016642723cc60a2b1405a9b8e8133706a4ca85ee1bb5f4ca222f726eaf25
105efa25e6e0bc483effbf185e6d8b9310b734e2cf85bacd7f85739d79a86305
1073d4be6104263885812287136307ed9d80de41fa8493bee260b64dfc888560
12a75c4387432e29d1a329e701368f413ea9b2746f347af1d00a2550ea795063
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2e3e09a6c6edfd8bf3c71591ca99118b0a94fc8b3c46528c7ba6db17d4d679fd
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
34e451071033c794d137cca1dd26ce679f0c81b6acd831025a734c42565d65f6
366a7a910e45bfc8f7d67bf49d81f4e2acf3a1686360d0c1bf347293b0e26558
3a23d1f15b59b8733c0ffc9b487d298df0e401fc73dea010404e61bea0d14285
3b354dc576cfa62cc0f5e18ab1202e5003386059f2f6122537f5c489940e6889
3f000d94e27ed9da2c25a5f25ef5c577fa337e5324103e588a2cccd52c0175a1
436b4b2f22e21354276f6d7e9ceece84369d156b645d98fb6019fe3c08cb2c84
4cb38153c599be0c818af1145fb39feb79bce20a4a5a2e65e5764318573f36e1
52f8b5c40b7f0aa213db628ff0aa28d992ce94f0d736e9a620c790f2655d0660
58e672ddb75c4f6487faeb8478adcd6fb70eedad15e584f0b0d60ee757a6cfb3
601dd57db68f45c5569cc09fc4083c0916876ae4cd05bed33b054441e715aa45
60e8104f628b6f0b8adfd125a686e6cfda57cb25d2e426e7a204b1d675fdc8e5
6a3df7544d9bea8e04aedad55c22b8c64f4201fed7fa692ba45f9c81de2a4c90
6ec9aee7875d3e27527cf527945e4fb3d69b2a0e4ae9f0cec1867b26e61e661b
70b31621720c33d1d4d06a73ced3c4d000594e5430c305a32b7eff4e445e161d
71e0eea3a1a9774d9850430ac1d4f1797a012d7791cd5964170421f9b4ccd873
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c1c0866862385c6e6039a5dc225e9be949003c9ba7027fb5a3212557cf9491
92336d96303f77c45ae868477ca2a25cd97f8e3efe51e29a0bc1d9dfb9d432b5
92a651a35bfbc26c00c2f144e86b745c7867ff3f559a71d84e9509a6d727a7a3
960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506
965bb1d0e0b769a19b6ecfc64bf815459f7c6ea3f5fe13969e3427c134a332c6
9ada603a45178f3942de75eb4fefd369d74eae20190f5dbaf7a9f080f736adff
9b118992e14947a711675672b98c54f02c80ce830617ad3441aa5b630c3e6b2d
9cdc21b0a107c7d574481e63272360383acac767144b9edfd128b1f287fd2eb6
9f9ac2aeda2c103f1b53551296b48dcb85287badbccbe2c70497f26c49eab412
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5a9369563a14ddd63ccb43c3d12210c338ef3e67b02e9bcbd281342befc5554
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aeedd2ecd054f1376d292f29a88f93555ff6884d07f98a4a3c5faad2305c290c
b2bbf5e81f5a6d5bbbf314259dfa7260b734cefed65143a089cc8a4c9d1eee44
b6f9e2cd725c5f012e07938cf6d6e1ac0a60bf2c94f69c9e863a6da1ca635530
ba0ebf726ea8710e3e0ad4b8498e7f3de91c1822ed0a80bbfbc4faf2631c9f5b
bc0f0e11c15fbb4017d7aaea72bcf2912cacd5e72cfe7244c8e1b0a36d7ff3e0
bedc658ad6195b90ce88281bf87a7263ff6e21282dca4154df976de9f56d5ead
caac6f849fe9416c945315c9378f5c201fd68eb95e1e5eece92e406cb2c13fb4
cb0c7cdd0d61627c83ea22319ba6e0a921ef27b8b11e568cceba696f3068b96e
ceee6b0ebecaee2559fdd4e989a1c4c46d8920c7bd87a84a7a09c1f12a891db5
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
d737a6e31bf715e2d40ce46c531e9d6934e240b1d06bfe5d6ee64616c06c4844
d75e053cdab56b9a6c546b01b6c2c708dcec71b9dcb25a7a937f1c0f250964d0
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1dd3b4f863f1c12b80dff634f96e105d53e8010cda80f68c74bb0d61b3b8e75
e2897803c29f87d46f063cc77e140704c84704099a2781bcc12ae79ac7953274
e631b7a845be3faa30a22a999f05bd08a0ff3c850070ef2dddb1dad93899437b
f479dbcb2d8369bf46692293768dd3a901ae4b57fd8aae023b77536b86f8b20a
f5afa04b55596eabb02e015ced561a054a62c82d73079fb7d751c0561665dac7
f82dd28dca4da4851c19cb5d6ff1be54d6f3ac7be41dd8e3ffd856d368a46b1d
fc0e69bbaa077dc7e14003fa8030c0e70c339f5a179fd2d60ae563df2743de46
ffc3a97c1848d3500e53de904714118de356082640561bac83ca49a7bbc79099

www.thinkbrg.com Open in urlscan Pro 172.64.150.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

45 %IPv6

9 Domains

14 Subdomains

10 IPs

2 Countries

11037 kBTransfer

12678 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thinkbrg.com Open in urlscan Pro
172.64.150.158 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

14
Subdomains

10
IPs

2
Countries

11037 kB
Transfer

12678 kB
Size

5
Cookies

61 HTTP transactions
1 data transactions