urlscan.io logo urlscan.io
SecurityTrails logo

borncity.com Open in urlscan Pro
178.77.110.222  Public Scan

Go To Rescan Add Verdict Report
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-en...
Submission: On July 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 55 HTTP transactions. The main IP is 178.77.110.222, located in Germany and belongs to GODADDY, DE. The main domain is borncity.com. The Cisco Umbrella rank of the primary domain is 629067.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 6th 2024. Valid for: a year.
This is the only time borncity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 178.77.110.222 20773 (GODADDY)
1 34.120.221.78 396982 (GOOGLE-CL...)
1 2 161.156.47.60 36351 (SOFTLAYER)
2 162.19.61.80 16276 (OVH)
1 172.67.41.60 13335 (CLOUDFLAR...)
7 99.86.4.122 16509 (AMAZON-02)
11 142.250.186.162 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 142.250.185.70 15169 (GOOGLE)
1 99.86.4.40 16509 (AMAZON-02)
55 11
25    178.77.110.222 (Germany)

ASN20773 (GODADDY, DE)
PTR: vwp15938.webpack.hosteurope.de
borncity.com
www.borncity.com
1    34.120.221.78 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.221.120.34.bc.googleusercontent.com
cdns.symplr.de
2    161.156.47.60 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 3c.2f.9ca1.ip4.static.sl-reverse.com
vg09.met.vgwort.de
2    162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu
i.postimg.cc
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
7    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
cdn.privacy-mgmt.com
11    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    99.86.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-40.fra6.r.cloudfront.net
cdn.privacy-mgmt.com
Apex Domain
Subdomains		 Transfer
25 borncity.com
borncity.com — Cisco Umbrella Rank: 629067
www.borncity.com — Cisco Umbrella Rank: 737115
461 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
228 KB
8 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4058
70 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1597
api.btloader.com — Cisco Umbrella Rank: 1817
32 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1620
1 KB
2 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18784
347 KB
2 vgwort.de
vg09.met.vgwort.de — Cisco Umbrella Rank: 294079
725 B
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 215
130 B
1 symplr.de
cdns.symplr.de — Cisco Umbrella Rank: 104422
24 KB
55 9
Domain Requested by
16 borncity.com borncity.com
11 pagead2.googlesyndication.com borncity.com
pagead2.googlesyndication.com
9 www.borncity.com borncity.com
8 cdn.privacy-mgmt.com cdns.symplr.de
cdn.privacy-mgmt.com
3 api.btloader.com btloader.com
2 ad-delivery.net borncity.com
2 i.postimg.cc borncity.com
2 vg09.met.vgwort.de 1 redirects borncity.com
1 ad.doubleclick.net borncity.com
1 btloader.com cdns.symplr.de
1 cdns.symplr.de borncity.com
55 11
Subject Issuer Validity Valid
www.borncity.com
Starfield Secure Certificate Authority - G2		 2024-03-06 -
2025-04-05		 a year crt.sh
cdns.symplr.de
WR3		 2024-07-02 -
2024-09-30		 3 months crt.sh
postimg.cc
R11		 2024-06-21 -
2024-09-19		 3 months crt.sh
btloader.com
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Frame ID: D2CCCF3EC571B923908FAEA1E1A98DAF
Requests: 53 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: 16CC56DB5093229372155C80C48454AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Midnight Blizzard hack: Microsoft sends notification to customers by email that ends up in SPAM folders | Born's Tech and Windows World

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1164 kB
Transfer

2030 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://vg09.met.vgwort.de/na/ebd2e86101fd456d8ceeeb8d47517d8d HTTP 302
  • https://vg09.met.vgwort.de/blank.gif

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/ 		145 KB
146 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7dc8157f49d551265b609bca85bb7d35114241053d02b32940b748b6c0a8efa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
private, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html
Date
Wed, 10 Jul 2024 12:22:24 GMT
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/" <https://borncity.com/win/wp-json/wp/v2/posts/34390>; rel="alternate"; type="application/json" <https://borncity.com/win/?p=34390>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked
X-Cache-Status
MISS
style.css
borncity.com/win/wp-content/themes/twentyten/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240402
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
d11453ec3adb83bba3952012fd47dbae52c0a0ddbaaa00ef6bd9db3a580a2d27

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Wed, 03 Apr 2024 05:42:33 GMT
Server
Apache
ETag
"61ab-6152ab06f6d22"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25003
dashicons.min.css
borncity.com/win/wp-includes/css/ 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-includes/css/dashicons.min.css?ver=5617c3709517892b9f2b579965c7df84
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Thu, 15 Apr 2021 08:36:49 GMT
Server
Apache
ETag
"e688-5bffec3b05f19"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59016
frontend.min.css
borncity.com/win/wp-content/plugins/post-views-counter/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"422-61b5e6bd93479"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1058
blocks.css
borncity.com/win/wp-content/themes/twentyten/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-content/themes/twentyten/blocks.css?ver=20230627
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b942db1882c41dce308124c97a782fb0b85662ce10118965966bdbf475c040fa

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Wed, 03 Apr 2024 05:42:33 GMT
Server
Apache
ETag
"13e4-6152ab06f1f02"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5092
frontend.min.js
borncity.com/win/wp-content/plugins/post-views-counter/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ea483a3020f20467311f88198ac887d4c3032485b36f30ec83bfa93af6d12d2

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"aec-61b5e6bd95b8a"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2796
borncity.js
cdns.symplr.de/borncity.com/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.symplr.de/borncity.com/borncity.js
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.221.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.221.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
26ac8c2deb15b1214f36abe4ac45edd2763bb290b2a62cec0c68d40ed3a75d1f

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:24 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ACJd0NrU3-7A0Tf5lUHkOVJn27i7H-cCTilOlw5mSmOUNTG00w-r5a5C5P7bIpRZRJ0s2a9H2MMFiLAEZA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23689
last-modified
Tue, 09 Jul 2024 07:00:42 GMT
server
UploadServer
etag
"fcb3c7bdf24dc21303ad47cf017cebb0"
vary
Accept-Encoding
x-goog-generation
1720508442352441
x-goog-hash
crc32c=TISyiA==, md5=/LPHvfJNwhMDrUfPAXzrsA==
content-type
application/javascript
cache-control
public,max-age=3600,no-cache
x-goog-stored-content-length
23689
accept-ranges
bytes
cropped-header04.jpg
borncity.com/win/wp-content/uploads/sites/2/2014/12/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2014/12/cropped-header04.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6c88fa19fa98f93026f2d8a26f7d970dbb935c4d335c7c78e9f1ff308f9c83d7

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Sun, 07 Dec 2014 22:23:05 GMT
Server
Apache
ETag
"f0dd-509a7c10151ff"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61661
Cloud-Symbol.jpg
www.borncity.com/blog/wp-content/uploads/2021/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2021/05/Cloud-Symbol.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
9e2eea10086252c9e91043b719c97cf4031dbbee9716cba20342a2174aa795a0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Tue, 04 May 2021 23:02:20 GMT
Server
Apache
ETag
"532e-5c18912003703"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21294
blank.gif
vg09.met.vgwort.de/
Redirect Chain
  • https://vg09.met.vgwort.de/na/ebd2e86101fd456d8ceeeb8d47517d8d
  • https://vg09.met.vgwort.de/blank.gif
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vg09.met.vgwort.de/blank.gif
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Server
161.156.47.60 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
3c.2f.9ca1.ip4.static.sl-reverse.com
Software
keen /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
keen
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Wed, 10 Jul 2024 12:22:24 GMT
Server
keen
Transfer-Encoding
chunked
Content-Type
text/html
Access-Control-Allow-Origin
*
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
image.png
i.postimg.cc/VLHcMNgG/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/VLHcMNgG/image.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3094918.ip-162-19-61.eu
Software
nginx /
Resource Hash
e6b18306875c56280201af94b0ab031e4ac49a70bf1161d7004dc2d5c01eeb4d

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:24 GMT
last-modified
Mon, 08 Jul 2024 22:01:57 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
146877
expires
Thu, 31 Dec 2037 23:55:55 GMT
image.png
i.postimg.cc/tTXx6DCH/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/tTXx6DCH/image.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3094918.ip-162-19-61.eu
Software
nginx /
Resource Hash
4188f25f6e29108d6453113a3ea6787c500a6e488afe726bf1b6ee71e677a24f

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:24 GMT
last-modified
Mon, 08 Jul 2024 22:31:16 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
208051
expires
Thu, 31 Dec 2037 23:55:55 GMT
W10Tricks1.jpg
www.borncity.com/blog/wp-content/uploads/2017/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2017/09/W10Tricks1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
39e155d51048da4510471677309984b0f01ce87e9037a2064bdba92f6a27c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 10 Sep 2017 09:14:53 GMT
Server
Apache
ETag
"2349-558d23e385b5e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9033
Expires
Tue, 22 Apr 2025 16:50:07 GMT
AmazonPrime.jpg
borncity.com/win/wp-content/uploads/sites/2/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2018/03/AmazonPrime.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
23cee2ccbd6470bf92c4ad0f691d2068bc58b4826e2ecde2a1811266c1cd4b62

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Sat, 17 Mar 2018 14:04:47 GMT
Server
Apache
ETag
"b3c-5679c351daed2"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2876
facebook.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/facebook.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
8e1f32f496ef9041f913c7818e126d3d4e30b83193d6285df915f7943001e09a

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Tue, 03 Nov 2015 17:06:21 GMT
Server
Apache
ETag
"b83-523a5e9bce29e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2947
Expires
Wed, 23 Apr 2025 03:09:48 GMT
twitter.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/twitter.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ba1ce0b603b5cd9644ef1bcf4b4ef017b745c3291b174ce8b3cd8172dba2a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 03 Nov 2015 17:07:10 GMT
Server
Apache
ETag
"84e-523a5eca7f57a"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2126
Expires
Tue, 22 Apr 2025 16:45:28 GMT
Instagram.jpg
www.borncity.com/blog/wp-content/uploads/2020/08/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2020/08/Instagram.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
42cf2af9b93be5f0438296f87681bd04395082bc350070b26ab2b131b3fec4cf

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Thu, 13 Aug 2020 22:38:42 GMT
Server
Apache
ETag
"9c7-5acc9f764e083"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2503
RSS1.jpg
www.borncity.com/blog/wp-content/uploads/2013/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/04/RSS1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b0d10118b4c2a04cf01440306059697ea7a49cc57aa4d67a02952d808f7e4783

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 05 Apr 2013 06:50:40 GMT
Server
Apache
ETag
"b6f-4d99781559000"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2927
Expires
Tue, 22 Apr 2025 20:32:18 GMT
MCC2011.jpg
www.borncity.com/blog/wp-content/uploads/2014/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2014/01/MCC2011.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
3b1f17738dc04df26c6a649ca8c79cf7bde5b8a6d3b4d60e6f996f69501c1945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 07 Jan 2014 10:51:22 GMT
Server
Apache
ETag
"dfc-4ef5f282fde80"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3580
Expires
Tue, 22 Apr 2025 16:48:13 GMT
MVP-Logo.jpg
www.borncity.com/blog/wp-content/uploads/2013/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/07/MVP-Logo.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7ba27fd3e53a7fbdb0637224a410395e9f39e64ba82e58d14789010991b162a8

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Mon, 01 Jul 2013 16:57:29 GMT
Server
Apache
ETag
"1055-4e0761fac7040"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4181
Expires
Wed, 23 Apr 2025 03:23:50 GMT
Paypal.jpg
www.borncity.com/blog/wp-content/uploads/2018/05/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.borncity.com/blog/wp-content/uploads/2018/05/Paypal.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
755164183da7d6153ad802913dad65a434ea9c1560b79522ddfde2aec0c8cf2b

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Thu, 24 May 2018 14:33:20 GMT
Server
Apache
ETag
"632-56cf4886a44a9"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1586
Expires
Wed, 23 Apr 2025 03:09:48 GMT
comment-reply.min.js
borncity.com/win/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-includes/js/comment-reply.min.js?ver=5617c3709517892b9f2b579965c7df84
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Tue, 24 May 2022 21:40:15 GMT
Server
Apache
ETag
"ba5-5dfc8cd5910d9"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
script.js
borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/ 		844 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.3.10
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6f61af37b95e05b03ee618c5ccce9fac652549ef4c6515ff3b4f959ddb0ff52f

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:18 GMT
Server
Apache
ETag
"34c-61b5e69ef63e6"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
844
wordpress.png
borncity.com/win/wp-content/themes/twentyten/images/ 		794 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://borncity.com/win/wp-content/themes/twentyten/images/wordpress.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240402
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51

Request headers

Referer
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240402
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Wed, 03 Apr 2024 05:42:33 GMT
Server
Apache
ETag
"31a-6152ab06f4612"
X-Cache-Status
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
794
tag
btloader.com/ 		116 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=4807305727574016&upapi=true
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf6acfc734f36fc9e4d38e0fc7411f1fdcc048a8d4da5b3b117d2251efee2

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2024 11:35:27 GMT
server
cloudflare
age
2657
etag
"a41b6050b526f3bbef3aa7986c7e6fa1"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8a1084e76f119b4f-FRA
content-length
31700
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		129 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 11:52:25 GMT
content-encoding
br
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 15:29:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1800
x-amz-server-side-encryption
AES256
etag
W/"614d1a5043fbedabab7a77a278247fe8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
-Quyi5AwtbpEDSbozpFqx26qpX9P5onyVltoaYzoTKrAquncTG6WsQ==
jquery.min.js
borncity.com/win/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:24 GMT
Last-Modified
Wed, 08 Nov 2023 02:28:24 GMT
Server
Apache
ETag
"15601-6099ad7757c28"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87553
gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
cdn.privacy-mgmt.com/unified/4.25.0/ 		156 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 18 Jun 2024 15:29:45 GMT
content-encoding
br
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 13:35:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1889561
etag
W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
bj3EXYZC5ITEB7P8btGcoOF7OIZ_BSMbSfjdw4Ibl_h3wh8jX5ymTg==
get_site_data
cdn.privacy-mgmt.com/mms/v2/ 		200 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F07%2F09%2Fmidnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders%2F&account_id=1061
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
/
Resource Hash
40b1f415776ae91395107efa61cfd2a5d0fb2884000506ac2fb886d9fca6eac0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-33-77
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
a7xNYeIlZmXgV3Ehe_LoTePWTmIJ0c09HZl0WVMRG0OMCJEFaGtX3w==
jquery-migrate.min.js
borncity.com/win/wp-includes/js/jquery/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery-migrate.min.js?ver=6.5.5
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Wed, 09 Aug 2023 14:25:00 GMT
Server
Apache
ETag
"3509-6027e3ea1be5e"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13577
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
69d2658ef90c84431fd234a081573a81602e001e947134635d045a7c75d73d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
Origin
https://borncity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53443
x-xss-protection
0
server
cafe
etag
1971086157660346766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 10 Jul 2024 12:22:25 GMT
34390
borncity.com/win/wp-json/post-views-counter/view-post/ 		136 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-json/post-views-counter/view-post/34390
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
ad1e1e963e6a36bd2a2eb49512bc9815b9eeac4f133e295bf2d14d525d0e5452
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
X-WP-Nonce
a9f14a1ad4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
136
Server
Apache
Allow
POST
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://borncity.com
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Vary
Origin
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
X-WP-Nonce
a9f14a1ad4
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ 		224 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1061&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=10883&scriptVersion=4.25.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
ae6c875e854cf0ff4b6b8e2c0b6ddb7b27b980cf5aba82103c5d4835317cb00b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:15:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
388
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
224
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
DUpkvKLZ3puyZz3xNsRvJ6IC2ELWTi0wZ-C3dOqEkik7sEGUsIrBpQ==
messages
cdn.privacy-mgmt.com/wrapper/v2/ 		57 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1061%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F07%2F09%2Fmidnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders%2F%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=44566936044566936084f1&scriptVersion=4.25.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
1d1fc40408bbd5f6b131035fe751e09a0877ec7f9866816def81c823ff964f7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
L4l_0dK6XVX8ZCqzHiliyU9LYVp9UQHd6tN4t00TOciyKw3YN71oBg==
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jul 2024 12:22:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246980
x-guploader-uploadid
ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGW9Z%2BmLB9F9nfKt%2FX9mV%2FIHZGwY9EZaD4WpCgOW5T5FtaHTL2gOavVjYCTPTcMcrw1nvUhXQsxTVuLAM2bGyGLV19Ds23pJTRZYwx7c%2BsqOFOSB1XcDpFoA33rZCHstUw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8a1084eb3b8a8ed8-FRA
expires
Thu, 11 Jul 2024 12:22:25 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 02:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jul 2024 02:45:04 GMT
px.gif
ad-delivery.net/ 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7888320571977643
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246980
x-guploader-uploadid
ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vm%2BVKUp1q98P3QFhWMHPKLaswvuh5ZAXC4%2FDjDiL2ymdOE4xwA6OkTdpY%2B9u35V7lt%2FOwTle%2BKbyPkFg0g%2FqM6GuUVtkphJY%2BKeNxaiTeciOOKx0EHcHNqi3jBU99NGTfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8a1084eb3b8d8ed8-FRA
expires
Thu, 11 Jul 2024 12:22:25 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/slotcar_library_fy2021.js?bust=31085128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6c8e45deee6c4411584dc529889094115a6e3e7f70f0243ee4e2bd0242dd47b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33233
x-xss-protection
0
server
cafe
etag
469149897901725403
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jul 2024 12:22:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9683669630486717&plah=borncity.com&aplac=true&bust=31085128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
79e852e010560d5a4c126932280feff838ef529ab084b2aaf539c9d47ce24db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146730
x-xss-protection
0
server
cafe
etag
1597380927485184928
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jul 2024 12:22:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=overlay_settings_from_ppabg&p_s=false&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=44566936044566936084f1&scriptVersion=4.25.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://borncity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://borncity.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Wed, 10 Jul 2024 12:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-id
Yo02rmM069YRMBiUwiEMvDqGRYehzm9NvaSuMoDSPlQAIuVsPR2DlA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ 		194 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=44566936044566936084f1&scriptVersion=4.25.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
024105352395d4158f3e4c9686873eb7ec302c50372b5606ed07c6428782bde8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://borncity.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
194
x-amz-cf-id
GO395p5ulofN0p9fL6pm6SpFdsXnW_mOEShpRJObx5Ci5eU7BC4d6w==
index.html
cdn.privacy-mgmt.com/ Frame 16CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://borncity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
503
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Wed, 10 Jul 2024 12:14:03 GMT
etag
W/"f107a76c03cbe0bfc9103bbe9ea917b5"
last-modified
Tue, 18 Jun 2024 15:50:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
Z5omnqWUJ-gzj542K1azEDXLHIxEL4n-O00wxJsC8AtXDJd6J2BogA==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&event=api_ld&time=209&time_pr=1720614145545&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=3&tms=200&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128%2C31078663%2C31078668%2C31078670
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128%2C31078663%2C31078668%2C31078670
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759837%2C44798934%2C95334509%2C95334527%2C95334829%2C95337062%2C31085128%2C31078663%2C31078668%2C31078670
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 12:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=4807305727574016
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:22:25 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=GSWMcuZm&w=4697188399054848&o=4807305727574016&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F07%2F09%2Fmidnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders%2F&sid=03DnHCjS3&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jul 2024 12:22:25 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
admin-ajax.php
borncity.com/win/wp-admin/ 		0
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://borncity.com/win/wp-admin/admin-ajax.php?action=koko_analytics_collect&p=34390&nv=1&up=1&r=
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.3.10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Server
Apache
Connection
keep-alive
Tk
N
Content-Length
0
Content-Type
text/plain
favicon.ico
borncity.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://borncity.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
47dc07b1577f8922b6ddfff2c7ca59c285f4308e39d371b851d7920f6d0adcfb

Request headers

Referer
https://borncity.com/win/2024/07/09/midnight-blizzard-hack-microsoft-sends-notification-to-customers-by-email-that-ends-up-in-spam-folders/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 12:22:25 GMT
Last-Modified
Thu, 09 Jun 2011 14:00:39 GMT
Server
Apache
ETag
"57e-4a547e0c34fc0"
X-Cache-Status
HIT
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1406

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| koko_analytics object| pvcArgsFrontend function| initPostViewsCounter object| adsbygoogle function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter object| pbjs object| googletag function| getDataLayerKeys function| symplrLogo function| createCloseButton function| startCountdown function| programmaticAds function| sendPageImpressions function| getLocationHost function| createAdTextElements function| determineDeviceViewport function| findHighestValuesOfArray function| addWidthHeightToAdSlot function| checkIfRunPrebidAuctionIsDefined function| executeWhenReady function| triggerAuctionSymplr function| sendMonetizeErrorMessage function| sendPlistaErrorMessage function| fetchContextualData function| loadContextualData function| urlTargeting function| keyValueTargeting function| loadPpid function| _typeof object| cmpScript object| node function| checkConsentFunctionKey function| loadGoogle function| loadAmazon function| loadEmetric function| loadTeads function| sendClickPenaltyMessage function| activateClickPenaltyObserver function| sendDataToApi function| trackPageVisit function| startBeforeUnloadEvent function| loadJS function| injectStickyFooter function| calcDistanceByElement function| calcStickyHeaderOffsetFromTop function| repositionAd function| setStickyHeaderOffset function| addTextToSlot function| triggeredAdEvents function| userActivity function| userIsActive function| executeParallelAuctionAlongsidePrebid function| observedElementInView function| runPrebidAuction function| setCookie function| getCookie function| symplrDebug function| symplrConsole function| symplrGroup function| symplrGroupEnd function| gptDebug object| dataLayer function| sha256 function| sha224 function| __tcfapi object| _sp_queue object| _sp_ string| symplrLogoDisplay object| addComment object| _sp_wp_jsonp function| jQuery function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code number| ai_sticky_delay function| ai_process_sticky_elements function| MobileDetect function| ai_run_346563324537 function| ai_document_write string| selector_string boolean| ai_js_code number| ai_sticky_sidebar_delay function| ai_process_lists function| ai_process_ip_addresses object| PostViewsCounter object| __bt object| __bt_intrnl object| __bt_tag_d object| element object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_image_requests object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl boolean| __bt_already_invoked function| arrive function| unbindArrive function| leave function| unbindLeave

3 Cookies

Domain/Path Name / Value
borncity.com/win Name: _koko_analytics_pages_viewed
Value: 34390
borncity.com/ Name: pvc_visits_2[0]
Value: 1720700545b34390
.borncity.com/ Name: consentUUID
Value: 680dc6a2-cc06-4c4b-a2f4-e5d7823bd107

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
borncity.com
btloader.com
cdn.privacy-mgmt.com
cdns.symplr.de
i.postimg.cc
pagead2.googlesyndication.com
vg09.met.vgwort.de
www.borncity.com
130.211.23.194
142.250.185.70
142.250.186.162
161.156.47.60
162.19.61.80
172.67.41.60
172.67.69.19
178.77.110.222
34.120.221.78
99.86.4.122
99.86.4.40
024105352395d4158f3e4c9686873eb7ec302c50372b5606ed07c6428782bde8
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0ba1ce0b603b5cd9644ef1bcf4b4ef017b745c3291b174ce8b3cd8172dba2a6c
0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9
0ea483a3020f20467311f88198ac887d4c3032485b36f30ec83bfa93af6d12d2
1d1fc40408bbd5f6b131035fe751e09a0877ec7f9866816def81c823ff964f7e
23cee2ccbd6470bf92c4ad0f691d2068bc58b4826e2ecde2a1811266c1cd4b62
25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213
26ac8c2deb15b1214f36abe4ac45edd2763bb290b2a62cec0c68d40ed3a75d1f
2c7cf6acfc734f36fc9e4d38e0fc7411f1fdcc048a8d4da5b3b117d2251efee2
39e155d51048da4510471677309984b0f01ce87e9037a2064bdba92f6a27c026
3b1f17738dc04df26c6a649ca8c79cf7bde5b8a6d3b4d60e6f996f69501c1945
40b1f415776ae91395107efa61cfd2a5d0fb2884000506ac2fb886d9fca6eac0
4188f25f6e29108d6453113a3ea6787c500a6e488afe726bf1b6ee71e677a24f
42cf2af9b93be5f0438296f87681bd04395082bc350070b26ab2b131b3fec4cf
47dc07b1577f8922b6ddfff2c7ca59c285f4308e39d371b851d7920f6d0adcfb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51
69d2658ef90c84431fd234a081573a81602e001e947134635d045a7c75d73d17
6c88fa19fa98f93026f2d8a26f7d970dbb935c4d335c7c78e9f1ff308f9c83d7
6c8e45deee6c4411584dc529889094115a6e3e7f70f0243ee4e2bd0242dd47b8
6f61af37b95e05b03ee618c5ccce9fac652549ef4c6515ff3b4f959ddb0ff52f
755164183da7d6153ad802913dad65a434ea9c1560b79522ddfde2aec0c8cf2b
79e852e010560d5a4c126932280feff838ef529ab084b2aaf539c9d47ce24db9
7ba27fd3e53a7fbdb0637224a410395e9f39e64ba82e58d14789010991b162a8
7dc8157f49d551265b609bca85bb7d35114241053d02b32940b748b6c0a8efa7
8e1f32f496ef9041f913c7818e126d3d4e30b83193d6285df915f7943001e09a
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f
9e2eea10086252c9e91043b719c97cf4031dbbee9716cba20342a2174aa795a0
ad1e1e963e6a36bd2a2eb49512bc9815b9eeac4f133e295bf2d14d525d0e5452
ae6c875e854cf0ff4b6b8e2c0b6ddb7b27b980cf5aba82103c5d4835317cb00b
b0d10118b4c2a04cf01440306059697ea7a49cc57aa4d67a02952d808f7e4783
b942db1882c41dce308124c97a782fb0b85662ce10118965966bdbf475c040fa
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11453ec3adb83bba3952012fd47dbae52c0a0ddbaaa00ef6bd9db3a580a2d27
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b18306875c56280201af94b0ab031e4ac49a70bf1161d7004dc2d5c01eeb4d