Submitted URL: http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Effective URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Submission: On August 12 via api from DE — Scanned from CA

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 178.77.110.222, which is located in Germany and belongs to GODADDY, DE. The main domain is borncity.com. The Cisco Umbrella rank of the primary domain is 657029.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 6th 2024. Valid for: a year.
This is the only time borncity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address       AS Autonomous System
23        -          178.77.110.222   20773 (GODADDY)
1         -          34.120.221.78    396982 (GOOGLE-CL...)
2         1          161.156.47.60    36351 (SOFTLAYER)
1         -          172.67.41.60     13335 (CLOUDFLAR...)
7         -          18.238.55.48     16509 (AMAZON-02)
4         -          142.251.40.162   15169 (GOOGLE)
2         -          104.26.3.70      13335 (CLOUDFLAR...)
1         -          142.251.40.198   15169 (GOOGLE)
1         -          18.238.55.125    16509 (AMAZON-02)
2         -          130.211.23.194   396982 (GOOGLE-CL...)
Total: 44 requests, 11 IPs

Requests  Apex Domain (Transfer)
          Subdomains
23        borncity.com (448 KB)
          borncity.com — Cisco Umbrella Rank: 657029
          www.borncity.com — Cisco Umbrella Rank: 759998
8         privacy-mgmt.com (70 KB)
          cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4305
4         googlesyndication.com (224 KB)
          pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
3         btloader.com (31 KB)
          btloader.com — Cisco Umbrella Rank: 1573
          api.btloader.com — Cisco Umbrella Rank: 1813
2         ad-delivery.net (1 KB)
          ad-delivery.net — Cisco Umbrella Rank: 1603
2         vgwort.de (725 B)
          vg09.met.vgwort.de — Cisco Umbrella Rank: 289935
1         doubleclick.net (130 B)
          ad.doubleclick.net — Cisco Umbrella Rank: 210
1         symplr.de (24 KB)
          cdns.symplr.de — Cisco Umbrella Rank: 111923
0         postimg.cc Failed
          i.postimg.cc Failed
Total: 44 requests, 9 domains

Requests  Domain                          Requested by
14        borncity.com                    borncity.com
9         www.borncity.com                borncity.com
8         cdn.privacy-mgmt.com            cdns.symplr.de, cdn.privacy-mgmt.com
4         pagead2.googlesyndication.com   borncity.com, pagead2.googlesyndication.com
2         api.btloader.com                btloader.com
2         ad-delivery.net                 borncity.com
2         vg09.met.vgwort.de (1 redirects)  borncity.com
1         ad.doubleclick.net              borncity.com
1         btloader.com                    cdns.symplr.de
1         cdns.symplr.de                  borncity.com
0         i.postimg.cc Failed             borncity.com
Total: 44 requests, 11 subdomains

Subject               Issuer                                        Validity                  Valid
www.borncity.com      Starfield Secure Certificate Authority - G2   2024-03-06 - 2025-04-05   a year
cdns.symplr.de        WR3                                           2024-07-02 - 2024-09-30   3 months
btloader.com          WE1                                           2024-08-10 - 2024-11-08   3 months
*.privacy-mgmt.com    Amazon RSA 2048 M01                           2023-10-08 - 2024-11-05   a year
*.g.doubleclick.net   WR2                                           2024-07-30 - 2024-10-22   3 months
ad-delivery.net       WE1                                           2024-07-15 - 2024-10-13   3 months
*.doubleclick.net     WR2                                           2024-07-30 - 2024-10-22   3 months
api.btloader.com      WR3                                           2024-08-02 - 2024-10-31   3 months

This page contains 2 frames:

Primary Page: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Frame ID: 587040B691E33EEA92AE02BB6009507C
Requests: 42 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: BEDEF64CCF6D4CCB80B613DBEE276C19
Requests: 1 HTTP request in this frame

Page Title

Windows Server at risk from PoC exploit for CVE-2024-38077 | Born's Tech and Windows World

Page URL History

  1. http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/ HTTP 307
    https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 44
HTTPS: 95 %
IPv6: 0 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 800 kB
Size: 1662 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://vg09.met.vgwort.de/na/7987f826381843f1b0205ec7ca7b9ac1 HTTP 302
  • https://vg09.met.vgwort.de/blank.gif

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Redirect Chain
  • http://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
  • https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
150 KB
150 KB
Document
General
Full URL
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b3e92cd078b4363160fbe26740b8e6ec669b9bb097adc5b43bcd8226b7c375c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html
Date
Mon, 12 Aug 2024 13:24:35 GMT
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/" <https://borncity.com/win/wp-json/wp/v2/posts/34748>; rel="alternate"; title="JSON"; type="application/json" <https://borncity.com/win/?p=34748>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked
X-Cache-Status
MISS

Redirect headers

Location
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Non-Authoritative-Reason
HttpsUpgrades
style.css
borncity.com/win/wp-content/themes/twentyten/
24 KB
24 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7dd23719da428fecef56ded30ed9e6f31f03aab2924aa17d3cbfc2fa51f97067

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:35 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"60f1-61d4ff24e1217"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24817
dashicons.min.css
borncity.com/win/wp-includes/css/
58 KB
58 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-includes/css/dashicons.min.css?ver=e17bc03a8fbc17ece530e2dd421576f4
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:35 GMT
Last-Modified
Thu, 15 Apr 2021 08:36:49 GMT
Server
Apache
ETag
"e688-5bffec3b05f19"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59016
frontend.min.css
borncity.com/win/wp-content/plugins/post-views-counter/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"422-61b5e6bd93479"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1058
blocks.css
borncity.com/win/wp-content/themes/twentyten/
5 KB
5 KB
Stylesheet
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/blocks.css?ver=20230627
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b942db1882c41dce308124c97a782fb0b85662ce10118965966bdbf475c040fa

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"13e4-61d4ff24deb07"
X-Cache-Status
HIT
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5092
frontend.min.js
borncity.com/win/wp-content/plugins/post-views-counter/js/
3 KB
3 KB
Script
General
Full URL
https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ea483a3020f20467311f88198ac887d4c3032485b36f30ec83bfa93af6d12d2

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:50 GMT
Server
Apache
ETag
"aec-61b5e6bd95b8a"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2796
borncity.js
cdns.symplr.de/borncity.com/
95 KB
24 KB
Script
General
Full URL
https://cdns.symplr.de/borncity.com/borncity.js
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.221.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.221.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0e438e2c5494ccb6e341823a3f019698aaeb386c2704fea23047d5b87c725f26

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:36 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AHxI1nNr8quR6kUTfI00EZdz4uyj5cTNFofh-QQraGqKwYIeFHk4Pmlvmw0vhepVkK1mA7DhEvQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23938
last-modified
Tue, 06 Aug 2024 07:04:02 GMT
server
UploadServer
etag
"99f97455b7e6b058e2f60ce11c8c3767"
vary
Accept-Encoding
x-goog-generation
1722927842888515
x-goog-hash
crc32c=AMviGA==, md5=mfl0VbfmsFji9gzhHIw3Zw==
content-type
application/javascript
cache-control
public,max-age=3600,no-cache
x-goog-stored-content-length
23938
accept-ranges
bytes
cropped-header04.jpg
borncity.com/win/wp-content/uploads/sites/2/2014/12/
60 KB
60 KB
Image
General
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2014/12/cropped-header04.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6c88fa19fa98f93026f2d8a26f7d970dbb935c4d335c7c78e9f1ff308f9c83d7

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Sun, 07 Dec 2014 22:23:05 GMT
Server
Apache
ETag
"f0dd-509a7c10151ff"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61661
Windows-klein.jpg
www.borncity.com/blog/wp-content/uploads/2021/04/
6 KB
6 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2021/04/Windows-klein.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
9311ecfcb01c6dd16b96d5f5511642ddd553970ccc47cc5a1a986a1d3b58cb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 29 Apr 2021 10:21:41 GMT
Server
Apache
ETag
"1834-5c119dc85a23d"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6196
Expires
Tue, 22 Apr 2025 17:05:29 GMT
blank.gif
vg09.met.vgwort.de/
Redirect Chain
  • https://vg09.met.vgwort.de/na/7987f826381843f1b0205ec7ca7b9ac1
  • https://vg09.met.vgwort.de/blank.gif
43 B
306 B
Image
General
Full URL
https://vg09.met.vgwort.de/blank.gif
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Server
161.156.47.60 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
3c.2f.9ca1.ip4.static.sl-reverse.com
Software
keen /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Aug 2024 13:24:38 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
keen
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Aug 2024 13:24:38 GMT
Last-Modified
Mon, 12 Aug 2024 13:24:38 GMT
Server
keen
Transfer-Encoding
chunked
Content-Type
text/html
Access-Control-Allow-Origin
*
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
image.png
i.postimg.cc/Y98PWW0S/
0
0

W10Tricks1.jpg
www.borncity.com/blog/wp-content/uploads/2017/09/
9 KB
9 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2017/09/W10Tricks1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
39e155d51048da4510471677309984b0f01ce87e9037a2064bdba92f6a27c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 10 Sep 2017 09:14:53 GMT
Server
Apache
ETag
"2349-558d23e385b5e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9033
Expires
Tue, 22 Apr 2025 16:50:07 GMT
AmazonPrime.jpg
borncity.com/win/wp-content/uploads/sites/2/2018/03/
3 KB
3 KB
Image
General
Full URL
https://borncity.com/win/wp-content/uploads/sites/2/2018/03/AmazonPrime.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
23cee2ccbd6470bf92c4ad0f691d2068bc58b4826e2ecde2a1811266c1cd4b62

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Sat, 17 Mar 2018 14:04:47 GMT
Server
Apache
ETag
"b3c-5679c351daed2"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2876
facebook.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/
3 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/facebook.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
8e1f32f496ef9041f913c7818e126d3d4e30b83193d6285df915f7943001e09a

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Last-Modified
Tue, 03 Nov 2015 17:06:21 GMT
Server
Apache
ETag
"b83-523a5e9bce29e"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2947
Expires
Wed, 23 Apr 2025 03:09:48 GMT
twitter.jpg
www.borncity.com/blog/wp-content/uploads/2015/11/
2 KB
2 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2015/11/twitter.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0ba1ce0b603b5cd9644ef1bcf4b4ef017b745c3291b174ce8b3cd8172dba2a6c

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Last-Modified
Tue, 03 Nov 2015 17:07:10 GMT
Server
Apache
ETag
"84e-523a5eca7f57a"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2126
Instagram.jpg
www.borncity.com/blog/wp-content/uploads/2020/08/
2 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2020/08/Instagram.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
42cf2af9b93be5f0438296f87681bd04395082bc350070b26ab2b131b3fec4cf

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Last-Modified
Thu, 13 Aug 2020 22:38:42 GMT
Server
Apache
ETag
"9c7-5acc9f764e083"
X-Cache-Status
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2503
RSS1.jpg
www.borncity.com/blog/wp-content/uploads/2013/04/
3 KB
3 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/04/RSS1.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
b0d10118b4c2a04cf01440306059697ea7a49cc57aa4d67a02952d808f7e4783

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 05 Apr 2013 06:50:40 GMT
Server
Apache
ETag
"b6f-4d99781559000"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2927
Expires
Tue, 22 Apr 2025 20:32:18 GMT
MCC2011.jpg
www.borncity.com/blog/wp-content/uploads/2014/01/
3 KB
4 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2014/01/MCC2011.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
3b1f17738dc04df26c6a649ca8c79cf7bde5b8a6d3b4d60e6f996f69501c1945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 07 Jan 2014 10:51:22 GMT
Server
Apache
ETag
"dfc-4ef5f282fde80"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3580
Expires
Tue, 22 Apr 2025 16:48:13 GMT
MVP-Logo.jpg
www.borncity.com/blog/wp-content/uploads/2013/07/
4 KB
4 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2013/07/MVP-Logo.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
7ba27fd3e53a7fbdb0637224a410395e9f39e64ba82e58d14789010991b162a8

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Mon, 01 Jul 2013 16:57:29 GMT
Server
Apache
ETag
"1055-4e0761fac7040"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4181
Expires
Wed, 23 Apr 2025 03:23:50 GMT
Paypal.jpg
www.borncity.com/blog/wp-content/uploads/2018/05/
2 KB
2 KB
Image
General
Full URL
https://www.borncity.com/blog/wp-content/uploads/2018/05/Paypal.jpg
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
755164183da7d6153ad802913dad65a434ea9c1560b79522ddfde2aec0c8cf2b

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
Last-Modified
Thu, 24 May 2018 14:33:20 GMT
Server
Apache
ETag
"632-56cf4886a44a9"
X-Cache-Status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1586
Expires
Wed, 23 Apr 2025 03:09:48 GMT
comment-reply.min.js
borncity.com/win/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/comment-reply.min.js?ver=e17bc03a8fbc17ece530e2dd421576f4
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Tue, 24 May 2022 21:40:15 GMT
Server
Apache
ETag
"ba5-5dfc8cd5910d9"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
script.js
borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/
844 B
1 KB
Script
General
Full URL
https://borncity.com/win/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.3.10
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
6f61af37b95e05b03ee618c5ccce9fac652549ef4c6515ff3b4f959ddb0ff52f

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Fri, 21 Jun 2024 03:56:18 GMT
Server
Apache
ETag
"34c-61b5e69ef63e6"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
844
wordpress.png
borncity.com/win/wp-content/themes/twentyten/images/
794 B
1 KB
Image
General
Full URL
https://borncity.com/win/wp-content/themes/twentyten/images/wordpress.png
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51

Request headers

Referer
https://borncity.com/win/wp-content/themes/twentyten/style.css?ver=20240716
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Mon, 15 Jul 2024 21:31:05 GMT
Server
Apache
ETag
"31a-61d4ff24e1217"
X-Cache-Status
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
794
jquery.min.js
borncity.com/win/wp-includes/js/jquery/
86 KB
86 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Wed, 08 Nov 2023 02:28:24 GMT
Server
Apache
ETag
"15601-6099ad7757c28"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87553
tag
btloader.com/
116 KB
31 KB
Script
General
Full URL
https://btloader.com/tag?o=4807305727574016&upapi=true
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0716f4c2ef8b5a433cf7b8ca458458982a0ea3d502787b13bb12e715241f529

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:37 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2024 12:35:47 GMT
server
cloudflare
age
2930
etag
"168af6d26a0dc88418b1b707551ed27f"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b20c9644b4bab48-YYZ
content-length
31636
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
129 KB
38 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: cdns.symplr.de
URL: https://cdns.symplr.de/borncity.com/borncity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb6ab1073cde3166b6000e29997f96d96645c9cba747ba4058dfd6bdd3de5600

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:05:09 GMT
content-encoding
br
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 14:41:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
1168
x-amz-server-side-encryption
AES256
etag
W/"733d2b8eabf5d16a3959bf362390f403"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
hKQHFiNrBHYzbgVbFZnBSuWo5Smg9L70khEPJ5wjNE42AUPst_BByQ==
34748
borncity.com/win/wp-json/post-views-counter/view-post/
136 B
808 B
Fetch
General
Full URL
https://borncity.com/win/wp-json/post-views-counter/view-post/34748
Requested by
Host: borncity.com
URL: https://borncity.com/win/wp-content/plugins/post-views-counter/js/frontend.min.js?ver=1.4.7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
0dec35dcd12c9e57f8ed1440e7f624459feb82117881c6452d532255db14155c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
X-WP-Nonce
319912e3cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Mon, 12 Aug 2024 13:24:37 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
136
Server
Apache
Allow
POST
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://borncity.com
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Vary
Origin
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
X-WP-Nonce
319912e3cc
Link
<https://borncity.com/win/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
jquery-migrate.min.js
borncity.com/win/wp-includes/js/jquery/
13 KB
14 KB
Script
General
Full URL
https://borncity.com/win/wp-includes/js/jquery/jquery-migrate.min.js?ver=6.6.1
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.77.110.222 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
vwp15938.webpack.hosteurope.de
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 13:24:36 GMT
Last-Modified
Wed, 09 Aug 2023 14:25:00 GMT
Server
Apache
ETag
"3509-6027e3ea1be5e"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13577
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
f465fa2b96417ee4d0e650547514799612be24629e54d7f10151ea5a8cf28da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
Origin
https://borncity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52470
x-xss-protection
0
server
cafe
etag
17765438428767094377
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 12 Aug 2024 13:24:37 GMT
gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
cdn.privacy-mgmt.com/unified/4.25.1/
156 KB
23 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.1/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 14:42:30 GMT
content-encoding
br
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 14:16:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
945728
etag
W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
n25rhjeERJurznv_WXREE1bGI0wzv75UrwHsjY2Xt4hLgg8SvmXdBg==
get_site_data
cdn.privacy-mgmt.com/mms/v2/
202 B
609 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F&account_id=1061
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
/
Resource Hash
e40fad148797abb3746b349a8d507ad01b9f073201116035601db7a7d276ec41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:38 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-21-35
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
zLunF_OsEBJVX6PXaVF_SEfjJHVUBgXPQLE2ncTaCob9MlqCfaro-g==
px.gif
ad-delivery.net/
43 B
321 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
98221
x-guploader-uploadid
ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfhUKoC5m7kUp6eZHM8rECTlZyv6dSJxBXILUcNzlfaPHXPz4cRU3FbNDlVPw2YXvp0Zjs24n9qegz9VC4iCT71UDIE1j4pUV2NfX22F6VHDYdl3tggjMQU1Fo59pz6fKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b20c97a09dbaabc-YYZ
expires
Tue, 13 Aug 2024 13:24:40 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 20:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Aug 2024 20:23:40 GMT
px.gif
ad-delivery.net/
43 B
909 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9826545565462006
Requested by
Host: borncity.com
URL: https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
98221
x-guploader-uploadid
ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZKFcBnKb%2FXT%2Bw7DhhedmraZIQr2zHnRWn2epLoFsdoxfTP0%2F8KdnZO02RUA8ju3Q3w3BYnCvD3gyPggr4tuXOzZUKmMxrk29D%2FVQvu%2Bu7NDv7v2dgIZWPQlVnKp%2B38kww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b20c97a09d9aabc-YYZ
expires
Tue, 13 Aug 2024 13:24:40 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/
86 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/slotcar_library_fy2021.js?bust=31085975
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9fdeed552b5ffad6ad5ffcc7bfc6d1a7d5adac75a2db7ffac0b0de5e811289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30702
x-xss-protection
0
server
cafe
etag
174433713506120835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 13:24:37 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/
423 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
40a24c48010e5a4bea44e08a96cf14f7ce8136a1a7c7e71586fb3048fd2e3211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145928
x-xss-protection
0
server
cafe
etag
6618262443877920504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 13:24:37 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9683669630486717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

meta-data
cdn.privacy-mgmt.com/wrapper/v2/
224 B
761 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1061&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=10883&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
/ Express
Resource Hash
555ab9f7aa8129a682a9a85235ae0b3525f864d808dcb31ef16f5431162945b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 12:56:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
1678
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
224
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
SCBR4-UsvervQdgHJRc2ww4jC4jMwatebONTQ_AVEBeS8zXrB7WkCw==
messages
cdn.privacy-mgmt.com/wrapper/v2/
57 KB
7 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1061%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
/ Express
Resource Hash
5fe3fbc9528a102722ac4ddf41a22d421ed85421a3b8af033d092f0605aa4ded
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
pK5hGsN_IIb9IYztL4hzTPg3_zwabo4E_Hy3etmE9tfD5JXsGgL8Aw==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
194 B
729 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
/ Express
Resource Hash
94c196641aa9712e09ee7e4997ab9f37e22f0a44728e46fae203da4b3d60fb49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 13:24:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://borncity.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
194
x-amz-cf-id
Ee1EC0hHDCT3niB995ALsy0WoRqVE-e559owCynVf-6oTuetEfoY2w==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45888624745888624784f1&scriptVersion=4.25.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-48.jfk52.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://borncity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://borncity.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 13:24:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-id
470ESJ1Db6wTwQmnVcI39wW85lPKR6SToEMxNaa0DhR-MT1Gw058yA==
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
x-powered-by
Express
index.html
cdn.privacy-mgmt.com/ Frame BEDE
0
0
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=894502&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://borncity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
663
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 12 Aug 2024 13:13:36 GMT
etag
W/"be688f8dbcdb21983c6cc828620b962e"
last-modified
Thu, 25 Jul 2024 17:10:27 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 071f5fea9cc276d1769e252ea33022fa.cloudfront.net (CloudFront)
x-amz-cf-id
vh1aHr3acEGpblWNKKTP6ONh57GsJmK-lsgwmXWcqi616xhf8Cqn9A==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
country
api.btloader.com/
37 B
153 B
Fetch
General
Full URL
https://api.btloader.com/country?o=4807305727574016
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 13:24:40 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=uK0RYJWn&w=4697188399054848&o=4807305727574016&cv=2.1.48&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fborncity.com%2Fwin%2F2024%2F08%2F09%2Fwindows-server-at-risk-from-poc-exploit-for-cve-2024-38077%2F&sid=94tWoLMyg&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4807305727574016&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://borncity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Aug 2024 13:24:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.postimg.cc
URL
https://i.postimg.cc/Y98PWW0S/image.png

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| koko_analytics object| pvcArgsFrontend function| initPostViewsCounter function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter object| addComment object| pbjs object| googletag function| getDataLayerKeys function| symplrLogo function| createCloseButton function| startCountdown function| programmaticAds function| sendPageImpressions function| getLocationHost function| createAdTextElements function| determineDeviceViewport function| findHighestValuesOfArray function| addWidthHeightToAdSlot function| checkIfRunPrebidAuctionIsDefined function| executeWhenReady function| triggerAuctionSymplr function| sendMonetizeErrorMessage function| sendPlistaErrorMessage function| fetchContextualData function| loadContextualData function| urlTargeting function| keyValueTargeting function| loadPpid function| _typeof object| cmpScript object| node function| checkConsentFunctionKey function| loadGoogle function| loadAmazon function| loadEmetric function| loadTeads function| sendClickPenaltyMessage function| activateClickPenaltyObserver function| sendDataToApi function| collectAnalyticsData function| trackPageExit function| startExitEvent function| trackPageInactivity function| resetInactivityTimer function| startInactivityEvent function| loadJS function| injectStickyFooter function| calcDistanceByElement function| calcStickyHeaderOffsetFromTop function| repositionAd function| setStickyHeaderOffset function| addTextToSlot function| triggeredAdEvents function| userActivity function| userIsActive function| executeParallelAuctionAlongsidePrebid function| observedElementInView function| runPrebidAuction function| setCookie function| getCookie function| symplrDebug function| symplrConsole function| symplrGroup function| symplrGroupEnd function| gptDebug object| dataLayer function| sha256 function| sha224 function| __tcfapi object| _sp_queue object| _sp_ 
object| PostViewsCounter function| jQuery function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code number| ai_sticky_delay function| ai_process_sticky_elements function| MobileDetect function| ai_run_781169920902 function| ai_document_write string| selector_string boolean| ai_js_code number| ai_sticky_sidebar_delay function| ai_process_lists function| ai_process_ip_addresses object| _sp_wp_jsonp object| element object| __bt object| __bt_intrnl object| __bt_tag_d object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl boolean| __bt_already_invoked function| arrive function| unbindArrive function| leave function| unbindLeave

2 Cookies

Domain/Path Name / Value
borncity.com/ Name: pvc_visits_2[0]
Value: 1723555477b34748
.borncity.com/ Name: consentUUID
Value: b69a8e05-02e6-4e7a-bdf0-67cd14a2d97f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
