Submitted URL: http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Effective URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Submission: On August 12 via api from DE — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 178.77.110.222, which is located in Germany and belongs to GODADDY, DE. The main domain is borncity.com. The Cisco Umbrella rank of the primary domain is 657029.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 6th 2024. Valid for: a year.
This is the only time borncity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests         IP Address        AS Autonomous System
25               178.77.110.222    20773 (GODADDY)
1                34.120.221.78     396982 (GOOGLE-CL...)
2 (1 redirect)   161.156.47.60     36351 (SOFTLAYER)
1                162.249.168.129   26548 (PUREVOLTA...)
1                172.67.41.60      13335 (CLOUDFLAR...)
7                18.67.76.101      16509 (AMAZON-02)
1                18.67.76.50       16509 (AMAZON-02)
2                172.67.69.19      13335 (CLOUDFLAR...)
1                142.251.174.149   15169 (GOOGLE)
4                142.251.16.156    15169 (GOOGLE)
2                130.211.23.194    396982 (GOOGLE-CL...)
Total: 47 requests, 12 IPs
Requests   Apex Domain (subdomains listed below each)   Transfer
25         borncity.com                                 450 KB
             borncity.com — Cisco Umbrella Rank: 657029
             www.borncity.com — Cisco Umbrella Rank: 759998
8          privacy-mgmt.com                             70 KB
             cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4305
4          googlesyndication.com                        225 KB
             pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
3          btloader.com                                 31 KB
             btloader.com — Cisco Umbrella Rank: 1573
             api.btloader.com — Cisco Umbrella Rank: 1813
2          ad-delivery.net                              1 KB
             ad-delivery.net — Cisco Umbrella Rank: 1603
2          vgwort.de                                    725 B
             vg09.met.vgwort.de — Cisco Umbrella Rank: 289935
1          doubleclick.net                              130 B
             ad.doubleclick.net — Cisco Umbrella Rank: 210
1          postimg.cc                                   91 KB
             i.postimg.cc — Cisco Umbrella Rank: 18626
1          symplr.de                                    24 KB
             cdns.symplr.de — Cisco Umbrella Rank: 111923
Total: 47 requests, 9 apex domains
Requests         Domain                          Requested by
16               borncity.com                    borncity.com
9                www.borncity.com                borncity.com
8                cdn.privacy-mgmt.com            cdns.symplr.de, cdn.privacy-mgmt.com
4                pagead2.googlesyndication.com   borncity.com, pagead2.googlesyndication.com
2                api.btloader.com                btloader.com
2                ad-delivery.net                 borncity.com
2 (1 redirect)   vg09.met.vgwort.de              borncity.com
1                ad.doubleclick.net              borncity.com
1                btloader.com                    cdns.symplr.de
1                i.postimg.cc                    borncity.com
1                cdns.symplr.de                  borncity.com
Total: 47 requests, 11 subdomains
Subject               Issuer                                        Validity                  Valid for
www.borncity.com      Starfield Secure Certificate Authority - G2   2024-03-06 - 2025-04-05   a year
cdns.symplr.de        WR3                                           2024-07-02 - 2024-09-30   3 months
postimg.cc            R11                                           2024-06-21 - 2024-09-19   3 months
btloader.com          WE1                                           2024-08-10 - 2024-11-08   3 months
*.privacy-mgmt.com    Amazon RSA 2048 M01                           2023-10-08 - 2024-11-05   a year
ad-delivery.net       WE1                                           2024-07-15 - 2024-10-13   3 months
*.doubleclick.net     WR2                                           2024-07-30 - 2024-10-22   3 months
*.g.doubleclick.net   WR2                                           2024-07-30 - 2024-10-22   3 months
api.btloader.com      WR3                                           2024-08-02 - 2024-10-31   3 months

This page contains 2 frames:

Primary Page: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Frame ID: 977E6DEF4493916B10C9383747311192
Requests: 45 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: 0450DD15F095EA8F440CF3E36464DCF2
Requests: 1 HTTP request in this frame

Page Title

Windows Server at risk from PoC exploit for CVE-2024-38077 | Born's Tech and Windows World

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 47
HTTPS: 96 %
IPv6: 0 %
Domains: 9
Subdomains: 11
IPs: 12
Countries: 2
Transfer: 893 kB
Size: 1754 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/ HTTP 307
    https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://vg09.met.vgwort.de/na/7987f826381843f1b0205ec7ca7b9ac1 HTTP 302
  • https://vg09.met.vgwort.de/blank.gif

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Redirect Chain
  • http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
  • https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
150 KB
150 KB
Document
General
Full URL
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
c1b77c4a2ccf115076176ab626eb7740773c6d88d5c537bc96c705494f6de883

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html
Date
Mon, 12 Aug 2024 13:31:22 GMT
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/" <https://borncity.com/win/wp-json/wp/v2/posts/34748>; rel="alternate"; title="JSON"; type="application/json" <https://borncity.com/win/?p=34748>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked
X-Cache-Status
MISS

Redirect headers

Location
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Non-Authoritative-Reason
HttpsUpgrades
style.css
borncity.com/win/wp-content/themes/twentyten/
24 KB
24 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7dd23719da428fecef56ded30ed9e6f31f03aab2924aa17d3cbfc2fa51f97067

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:23 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"60f1-61d4ff24e1217"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24817
dashicons.min.css
borncity.com/win/wp-includes/css/
58 KB
58 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-includes/css/dashicons.min.css?ver=e17bc03a8fbc17ece530e2dd421576f4
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:23 GMT
Last-Modified
Thu, 15 Apr 2021 08:36:49 GMT
Server
Apache
ETag
"e688-5bffec3b05f19"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59016
frontend.min.css
borncity.com/win/wp-content/plugins/post-views-counter/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:23 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"422-61b5e6bd93479"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1058
blocks.css
borncity.com/win/wp-content/themes/twentyten/
5 KB
5 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/blocks.css?ver=20230627
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b942db1882c41dce308124c97a782fb0b85662ce10118965966bdbf475c040fa

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"13e4-61d4ff24deb07"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5092
frontend.min.js
borncity.com/win/wp-content/plugins/post-views-counter/js/
3 KB
3 KB
Script
General
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ea483a3020f20467311f88198ac887d4c3032485b36f30ec83bfa93af6d12d2

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"aec-61b5e6bd95b8a"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2796
borncity.js
cdns.symplr.de/borncity.com/
95 KB
24 KB
Script
General
Full URL
https://cdns.symplr.de/borncity.com/borncity.js
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.221.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.221.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0e438e2c5494ccb6e341823a3f019698aaeb386c2704fea23047d5b87c725f26

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:24 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AHxI1nOK7ymT1toHWC_7fTzonhF1ZW0gLTuyR3l_74MgSfo5fF65_bOfvdpT6sn_i15vWhi3GbQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23938
last-modified
Tue, 06 Aug 2024 07:04:02 GMT
server
UploadServer
etag
"99f97455b7e6b058e2f60ce11c8c3767"
vary
Accept-Encoding
x-goog-generation
1722927842888515
x-goog-hash
crc32c=AMviGA==, md5=mfl0VbfmsFji9gzhHIw3Zw==
content-type
application/javascript
cache-control
public,max-age=3600,no-cache
x-goog-stored-content-length
23938
accept-ranges
bytes
cropped-header04.jpg
borncity.com/win/wp-content/uploads/sites/2/2014/12/
60 KB
60 KB
Image
General
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2014/12/cropped-header04.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6c88fa19fa98f93026f2d8a26f7d970dbb935c4d335c7c78e9f1ff308f9c83d7

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Sun, 07 Dec 2014 22:23:05 GMT
Server
Apache
ETag
"f0dd-509a7c10151ff"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61661
Windows-klein.jpg
www.borncity.com/blog/wp-content/uploads/2021/04/
6 KB
6 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2021/04/Windows-klein.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
9311ecfcb01c6dd16b96d5f5511642ddd553970ccc47cc5a1a986a1d3b58cb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 29 Apr 2021 10:21:41 GMT
Server
Apache
ETag
"1834-5c119dc85a23d"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6196
Expires
Tue, 22 Apr 2025 17:05:29 GMT
blank.gif
vg09.met.vgwort.de/
Redirect Chain
  • https://vg09.met.vgwort.de/na/7987f826381843f1b0205ec7ca7b9ac1
  • https://vg09.met.vgwort.de/blank.gif
43 B
306 B
Image
General
Full URL
https://vg09.met.vgwort.de/blank.gif
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Server
161.156.47.60 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
3c.2f.9ca1.ip4.static.sl-reverse.com
Software
keen /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
keen
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Mon, 12 Aug 2024 13:31:25 GMT
Server
keen
Transfer-Encoding
chunked
Content-Type
text/html
Access-Control-Allow-Origin
*
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
image.png
i.postimg.cc/Y98PWW0S/
91 KB
91 KB
Image
General
Full URL
https://i.postimg.cc/Y98PWW0S/image.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
7c58c339c0addd13ad513ad3ec2092cca96f00f732f0f8c7906bbe5f509aaa36

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:24 GMT
last-modified
Fri, 09 Aug 2024 06:21:16 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
92923
expires
Thu, 31 Dec 2037 23:55:55 GMT
W10Tricks1.jpg
www.borncity.com/blog/wp-content/uploads/2017/09/
9 KB
9 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2017/09/W10Tricks1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
39e155d51048da4510471677309984b0f01ce87e9037a2064bdba92f6a27c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 10 Sep 2017 09:14:53 GMT
Server
Apache
ETag
"2349-558d23e385b5e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9033
Expires
Tue, 22 Apr 2025 16:50:07 GMT
AmazonPrime.jpg
borncity.com/win/wp-content/uploads/sites/2/2018/03/
3 KB
3 KB
Image
General
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2018/03/AmazonPrime.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
23cee2ccbd6470bf92c4ad0f691d2068bc58b4826e2ecde2a1811266c1cd4b62

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Sat, 17 Mar 2018 14:04:47 GMT
Server
Apache
ETag
"b3c-5679c351daed2"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2876
facebook.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/
3 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/facebook.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
8e1f32f496ef9041f913c7818e126d3d4e30b83193d6285df915f7943001e09a

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Tue, 03 Nov 2015 17:06:21 GMT
Server
Apache
ETag
"b83-523a5e9bce29e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2947
Expires
Wed, 23 Apr 2025 03:09:48 GMT
twitter.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/
2 KB
2 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/twitter.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ba1ce0b603b5cd9644ef1bcf4b4ef017b745c3291b174ce8b3cd8172dba2a6c

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Tue, 03 Nov 2015 17:07:10 GMT
Server
Apache
ETag
"84e-523a5eca7f57a"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2126
Instagram.jpg
www.borncity.com/blog/wp-content/uploads/2020/08/
2 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2020/08/Instagram.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
42cf2af9b93be5f0438296f87681bd04395082bc350070b26ab2b131b3fec4cf

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Thu, 13 Aug 2020 22:38:42 GMT
Server
Apache
ETag
"9c7-5acc9f764e083"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2503
RSS1.jpg
www.borncity.com/blog/wp-content/uploads/2013/04/
3 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/04/RSS1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b0d10118b4c2a04cf01440306059697ea7a49cc57aa4d67a02952d808f7e4783

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 05 Apr 2013 06:50:40 GMT
Server
Apache
ETag
"b6f-4d99781559000"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2927
Expires
Tue, 22 Apr 2025 20:32:18 GMT
MCC2011.jpg
www.borncity.com/blog/wp-content/uploads/2014/01/
3 KB
4 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2014/01/MCC2011.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
3b1f17738dc04df26c6a649ca8c79cf7bde5b8a6d3b4d60e6f996f69501c1945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 07 Jan 2014 10:51:22 GMT
Server
Apache
ETag
"dfc-4ef5f282fde80"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3580
Expires
Tue, 22 Apr 2025 16:48:13 GMT
MVP-Logo.jpg
www.borncity.com/blog/wp-content/uploads/2013/07/
4 KB
4 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/07/MVP-Logo.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7ba27fd3e53a7fbdb0637224a410395e9f39e64ba82e58d14789010991b162a8

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Mon, 01 Jul 2013 16:57:29 GMT
Server
Apache
ETag
"1055-4e0761fac7040"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4181
Expires
Wed, 23 Apr 2025 03:23:50 GMT
Paypal.jpg
www.borncity.com/blog/wp-content/uploads/2018/05/
0
0

comment-reply.min.js
borncity.com/win/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/comment-reply.min.js?ver=e17bc03a8fbc17ece530e2dd421576f4
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Tue, 24 May 2022 21:40:15 GMT
Server
Apache
ETag
"ba5-5dfc8cd5910d9"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
script.js
borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/
844 B
1 KB
Script
General
Full URL
https://borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.3.10
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6f61af37b95e05b03ee618c5ccce9fac652549ef4c6515ff3b4f959ddb0ff52f

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:18 GMT
Server
Apache
ETag
"34c-61b5e69ef63e6"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
844
wordpress.png
borncity.com/win/wp-content/themes/twentyten/images/
794 B
1 KB
Image
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/images/wordpress.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51

Request headers

Referer
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:24 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"31a-61d4ff24e1217"
X-Cache-Status
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
794
Paypal.jpg
www.borncity.com/blog/wp-content/uploads/2018/05/
2 KB
2 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2018/05/Paypal.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
755164183da7d6153ad802913dad65a434ea9c1560b79522ddfde2aec0c8cf2b

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Thu, 24 May 2018 14:33:20 GMT
Server
Apache
ETag
"632-56cf4886a44a9"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1586
Expires
Wed, 23 Apr 2025 03:09:48 GMT
tag
btloader.com/
116 KB
31 KB
Script
General
Full URL
https://btloader.com/tag?o=4807305727574016&upapi=true
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0716f4c2ef8b5a433cf7b8ca458458982a0ea3d502787b13bb12e715241f529

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:25 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2024 13:28:17 GMT
server
cloudflare
age
23
etag
"168af6d26a0dc88418b1b707551ed27f"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b20d35bbb2342a1-EWR
content-length
31636
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
129 KB
38 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb6ab1073cde3166b6000e29997f96d96645c9cba747ba4058dfd6bdd3de5600

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 12:46:02 GMT
content-encoding
br
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 14:41:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
2724
x-amz-server-side-encryption
AES256
etag
W/"733d2b8eabf5d16a3959bf362390f403"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
15VFuZFM_bl-kOXwe8qX9MvD5I8eFDBPa1swpp35vbyF7X1y2DhOUA==
34748
borncity.com/win/wp-json/post-views-counter/view-post/
136 B
808 B
Fetch
General
Full URL
https://borncity.com/win/wp-json/post-views-counter/view-post/34748
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
1497710ca1898540eb64e1b4397855851d368e1a07e0e915f667ddfdcf180285
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
X-WP-Nonce
319912e3cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
136
Server
Apache
Allow
POST
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://borncity.com
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Vary
Origin
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
X-WP-Nonce
319912e3cc
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
jquery.min.js
borncity.com/win/wp-includes/js/jquery/
86 KB
86 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Wed, 08 Nov 2023 02:28:24 GMT
Server
Apache
ETag
"15601-6099ad7757c28"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87553
gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
cdn.privacy-mgmt.com/unified/4.25.1/
156 KB
23 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.1/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 14:42:32 GMT
content-encoding
br
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 14:16:34 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
946134
etag
W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
bnCUjb-Q2pbvVEfQgFvlYlxG18Iuj4FbyEFp_7b3UU7HPBBLiMYx9g==
get_site_data
cdn.privacy-mgmt.com/mms/v2/
202 B
616 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F&account_id=1061
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/
Resource Hash
e40fad148797abb3746b349a8d507ad01b9f073201116035601db7a7d276ec41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:16:35 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-17-204
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
age
890
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
K2ZDI_2HINlL9TIMNgE2TuB8DZhUKGDkeWyNEY0janBQ6dSj37pf1w==
meta-data
cdn.privacy-mgmt.com/wrapper/v2/
224 B
760 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1061&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=10883&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
555ab9f7aa8129a682a9a85235ae0b3525f864d808dcb31ef16f5431162945b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 12:47:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
age
2649
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
224
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
j9uM-l1fH_dbM8vubDg4qrkhTzwL324GGFQkCb4iJLefsg0zuM-W9A==
messages
cdn.privacy-mgmt.com/wrapper/v2/
57 KB
7 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1061%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
d0c64f563a89650a8064e4970989d57e60b2a540ee70e0a9cac94be005e5de9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:16:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
age
890
x-powered-by
Express
x-cache
Hit from cloudfront
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
v_L1ruz_iwQ-2W42g8GyccwS_78_ufPhI-hPX-BCHKMAJUxKYgOpgQ==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://borncity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://borncity.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 13:31:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
x-amz-cf-id
ncbxk2GGWMQPMaFU6GmqVTJVQUxj0lkaOVSjmj-ecjI4Ky16g39MBQ==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
194 B
731 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
2afaeb8198a2f5568ab940be94b57507582d751ccf51e941c02210df064cdec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 13:31:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://borncity.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
194
x-amz-cf-id
fzsZy9G_KrG1Zpbk7SDDp2rq7pnwLsM_8THI6UsvWU4mE3GHdVV7IQ==
index.html
cdn.privacy-mgmt.com/ Frame 0450
0
0
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://borncity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2098
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 12 Aug 2024 12:56:28 GMT
etag
W/"be688f8dbcdb21983c6cc828620b962e"
last-modified
Thu, 25 Jul 2024 17:10:27 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
x-amz-cf-id
0EemtNPnwnBkSY3ZdMsxtxdFVpjy_iBl4dRuBnMOzNmAfhuAf5nLXg==
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
px.gif
ad-delivery.net/
43 B
902 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212167
x-guploader-uploadid
ABPtcPpGQj4M5XWsw0_afNd_e9OGg14LZRJ1uEm-mT1UqcHm2kBDuQd0t4vHO2_h4el5IlQxZBc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BMDyDEWT8UiBZUwu9blyLHkGw4Qmupy%2F%2BOvv9Eijv16G4UgxjZE7Tb5FXioee930ABoDKbn5XbnpR5Tuo0cul%2Bnrnccnh8nyuuKzx%2Fg6aTINpwvgIo58i%2F1l3XPKapvbA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b20d35e68db0ca5-EWR
expires
Tue, 13 Aug 2024 13:31:25 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.149 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 05:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 05:23:52 GMT
px.gif
ad-delivery.net/
43 B
327 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7234006752789823
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212167
x-guploader-uploadid
ABPtcPpGQj4M5XWsw0_afNd_e9OGg14LZRJ1uEm-mT1UqcHm2kBDuQd0t4vHO2_h4el5IlQxZBc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLUqZMhiOp5wh8LS9y%2FR47PbxfGZ8pV0w9%2BxMZEb38OKu7x7THrLheRm2yP454Solvzfwi9QlQ1wg4JEn58s%2Frg5%2BGGMBanJljuI64dzOi2Q5YSLm8vPGUou9yr0BEviYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b20d35e68dd0ca5-EWR
expires
Tue, 13 Aug 2024 13:31:25 GMT
jquery-migrate.min.js
borncity.com/win/wp-includes/js/jquery/
13 KB
14 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery-migrate.min.js?ver=6.6.1
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:25 GMT
Last-Modified
Wed, 09 Aug 2023 14:25:00 GMT
Server
Apache
ETag
"3509-6027e3ea1be5e"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13577
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
2a3c0f990df215ca67640f666aa17d7069254054823b3b049d2f2a9a49fec51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
Origin
https://borncity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52465
x-xss-protection
0
server
cafe
etag
2964634316634799689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 12 Aug 2024 13:31:26 GMT
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=4807305727574016
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:25 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=k9J0vWALX9&w=4697188399054848&o=4807305727574016&cv=2.1.48&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F&sid=DjvwtxnQf0&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Aug 2024 13:31:25 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/
86 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
584182587fc77c23bd95d0c3444617b25fad999535440c1e2155f96d081019a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30694
x-xss-protection
0
server
cafe
etag
12620562737759698882
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 13:31:27 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/
423 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
0adcdd2327c28e8da9d121ddf81510aca4ea525bbc7946c048295d6da9d36d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:31:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145920
x-xss-protection
0
server
cafe
etag
18168344769413870264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 13:31:27 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

admin-ajax.php
borncity.com/win/wp-admin/
0
201 B
Ping
General
Full URL
https://borncity.com/win/wp-admin/admin-ajax.php?action=koko_analytics_collect&p=34748&nv=1&up=1&r=
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.3.10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:27 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Server
Apache
Connection
keep-alive
Tk
N
Content-Length
0
Content-Type
text/plain
favicon.ico
borncity.com/
1 KB
2 KB
Other
General
Full URL
https://borncity.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
47dc07b1577f8922b6ddfff2c7ca59c285f4308e39d371b851d7920f6d0adcfb

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:31:27 GMT
Last-Modified
Thu, 09 Jun 2011 14:00:39 GMT
Server
Apache
ETag
"57e-4a547e0c34fc0"
X-Cache-Status
HIT
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1406

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.borncity.com
URL
https://www.borncity.com/blog/wp-content/uploads/2018/05/Paypal.jpg

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| koko_analytics object| pvcArgsFrontend function| initPostViewsCounter function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter object| addComment object| pbjs object| googletag function| getDataLayerKeys function| symplrLogo function| createCloseButton function| startCountdown function| programmaticAds function| sendPageImpressions function| getLocationHost function| createAdTextElements function| determineDeviceViewport function| findHighestValuesOfArray function| addWidthHeightToAdSlot function| checkIfRunPrebidAuctionIsDefined function| executeWhenReady function| triggerAuctionSymplr function| sendMonetizeErrorMessage function| sendPlistaErrorMessage function| fetchContextualData function| loadContextualData function| urlTargeting function| keyValueTargeting function| loadPpid function| _typeof object| cmpScript object| node function| checkConsentFunctionKey function| loadGoogle function| loadAmazon function| loadEmetric function| loadTeads function| sendClickPenaltyMessage function| activateClickPenaltyObserver function| sendDataToApi function| collectAnalyticsData function| trackPageExit function| startExitEvent function| trackPageInactivity function| resetInactivityTimer function| startInactivityEvent function| loadJS function| injectStickyFooter function| calcDistanceByElement function| calcStickyHeaderOffsetFromTop function| repositionAd function| setStickyHeaderOffset function| addTextToSlot function| triggeredAdEvents function| userActivity function| userIsActive function| executeParallelAuctionAlongsidePrebid function| observedElementInView function| runPrebidAuction function| setCookie function| getCookie function| symplrDebug function| symplrConsole function| symplrGroup function| symplrGroupEnd function| gptDebug object| dataLayer function| sha256 function| sha224 function| __tcfapi object| _sp_queue object| _sp_ 
object| PostViewsCounter object| _sp_wp_jsonp object| __bt object| __bt_intrnl object| __bt_tag_d function| jQuery function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code number| ai_sticky_delay function| ai_process_sticky_elements function| MobileDetect function| ai_run_903781813266 function| ai_document_write string| selector_string boolean| ai_js_code number| ai_sticky_sidebar_delay function| ai_process_lists function| ai_process_ip_addresses boolean| __bt_already_invoked object| element object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl function| arrive function| unbindArrive function| leave function| unbindLeave

3 Cookies

Domain/Path: borncity.com/win; Name: _koko_analytics_pages_viewed; Value: 34748
Domain/Path: .borncity.com/; Name: consentUUID; Value: f08168c1-a90c-4f7c-aee0-a08d654cc281
Domain/Path: borncity.com/; Name: pvc_visits_2[0]; Value: 1723555885b34748

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
