securityonline.info Open in urlscan Pro
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Submission: On October 29 via api (October 29th 2024, 12:37:20 pm UTC) from IN — Scanned from DE

Summary HTTP 64 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 64 HTTP transactions. The main IP is 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is securityonline.info. The Cisco Umbrella rank of the primary domain is 675227.
TLS certificate: Issued by E5 on October 14th 2024. Valid for: 3 months.

This is the only time securityonline.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a05:d014:776... 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d	16509 (AMAZON-02) (AMAZON-02)
7	172.67.199.186 172.67.199.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
14	172.67.134.242 172.67.134.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.74.235 172.67.74.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	172.67.170.144 172.67.170.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	216.58.206.74 216.58.206.74	15169 (GOOGLE) (GOOGLE)
64	13

9 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

securityonline.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)

privacy.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
the.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.134.242 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-0.securityonline.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.235 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sur.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.170.144 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	securityonline.info securityonline.info — Cisco Umbrella Rank: 675227 cdn-0.securityonline.info	298 KB
17	ezojs.com www.ezojs.com — Cisco Umbrella Rank: 16755	55 KB
7	gatekeeperconsent.com privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 38842 the.gatekeeperconsent.com — Cisco Umbrella Rank: 14901	137 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	33 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	sur.ly cdn.sur.ly — Cisco Umbrella Rank: 205538	20 KB
2	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 12744 g.ezodn.com — Cisco Umbrella Rank: 17565	211 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	104 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	33 KB
0	smushcdn.com Failed b3442631.smushcdn.com Failed
64	10

	Domain	Requested by
17	www.ezojs.com	securityonline.info
14	cdn-0.securityonline.info	securityonline.info
9	securityonline.info	securityonline.info www.ezojs.com
6	the.gatekeeperconsent.com	securityonline.info the.gatekeeperconsent.com www.ezojs.com
3	fonts.googleapis.com	securityonline.info cdn.sur.ly
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.sur.ly	securityonline.info
1	g.ezodn.com	securityonline.info
1	www.googletagmanager.com	securityonline.info
1	go.ezodn.com	securityonline.info
1	securepubads.g.doubleclick.net	securityonline.info
1	ajax.googleapis.com	securityonline.info
1	privacy.gatekeeperconsent.com	securityonline.info
0	b3442631.smushcdn.com Failed	securityonline.info
64	14

This site contains links to these domains. Also see Links.

Domain
github.com
msrc.microsoft.com
www.facebook.com
www.twitter.com
www.youtube.com
meterpreter.org
securityexpress.info
paypal.me
sur.ly
g.ezoic.net

Subject Issuer	Validity	Valid
securityonline.info E5	`2024-10-14` - `2025-01-12`	3 months	crt.sh
gatekeeperconsent.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ezodn.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdn-0.securityonline.info WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
sur.ly WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
www.ezojs.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Frame ID: 8A040520AB16FF9F4FFA9C2296FF9341
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PoC Released for Windows SysInternals Sysmon Privilege Escalation (CVE-2023-29343) Bug

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

92 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

915 kB
Transfer

2661 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/Wh04m1001/CVE-2023-29343
Title: released

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29343
Title: addressed

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DdoS-109131310571187/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/the_yellow_fall

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/penetrationtestingwithddos

Search URL Search Domain Scan URL

URL: https://github.com/FreelancePentester

Search URL Search Domain Scan URL

URL: https://meterpreter.org/
Title: Penetration Testing Tools

Search URL Search Domain Scan URL

URL: https://securityexpress.info/
Title: The Information Technology Daily

Search URL Search Domain Scan URL

URL: https://paypal.me/donatesecurityonline

Search URL Search Domain Scan URL

URL: https://sur.ly/i/securityonline.info/
Title: securityonline.info

Search URL Search Domain Scan URL

URL: https://sur.ly/
Title: Sur.ly

Search URL Search Domain Scan URL

URL: https://g.ezoic.net/privacy/securityonline.info
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/ 112 KB
25 KB 449ms
383ms Document
text/html 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f327a49e1abd9c597da3d0c1c791d7aca5c1350941ddef3d352c4cc896bf557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 12:37:13 UTC
display: pub_site_sol
expires: Mon, 28 Oct 2024 12:37:14 GMT
link: <https://securityonline.info/wp-json/>; rel="https://api.w.org/", <https://securityonline.info/wp-json/wp/v2/posts/77035>; rel="alternate"; title="JSON"; type="application/json", <https://securityonline.info/?p=77035>; rel=shortlink
pagespeed: off
response: 200
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-ez-minify-html: 10.52% 105098 / 117453
x-ezoic-cdn: Hit d2;ms;9c5a7d71ecf1b698bb4e18f479da27bd;2-124533-146;4NuznuUOBPNI4TNEnhaoN
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-pingback: https://securityonline.info/xmlrpc.php
x-sol: pub_site

GET
H3 200 tcf2_stub.js Show response
privacy.gatekeeperconsent.com/ 1 KB
1 KB 127ms
79ms Script
application/javascript 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cache-control: max-age=15780000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fo0U41dagzAc6jBeqOnpbivHJ14NdorjFS84dwpM2ZS3smC199K5SStir01Hg3wsWsM70maa7feQtkn%2B14u8ccjijEhyweBBbH98gLvOJmuXVKbrAvZM6Fplw1P7gq9xG5kD9sdDTBU1%2Frgwk%2BbTeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3373b9e92d27c-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27807&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4268&delivery_rate=114370&cwnd=12000&unsent_bytes=0&cid=8d186cd34f28c0f3&ts=63&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 128ms
43ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
age: 590741
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:31:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:31:33 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 139ms
56ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e101d16a6ecf89ef9202a080805ca74020676fee47c9794a0002af8ddc8c7afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: br
etag: 518 / 20025 / 31088507 / config-hash: 5776178136636264343
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 12:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34110
x-xss-protection: 0
server: cafe

GET
H3 200 dall.js Show response
go.ezodn.com/hb/ 634 KB
209 KB 170ms
88ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-2-106
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeea57551b14b19f15f12eb019b03f59b950ab1a670d9c6e998e4d68f6aa6dd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 496992
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvC1jdCYIa2rcSCAMpNV%2B643oaw9J1UBgx3ovfefuDpzShnqNq0ReFDSGRdIo5jqL7nqWNpVS8RJeTtJNlBn2%2Frx44TdBS2jtkQprXJ%2FO4PWAfvH0itO7tzIsJhXoQo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3373bd936041a-CDG
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39244&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4086&recv_bytes=4269&delivery_rate=81097&cwnd=12000&unsent_bytes=0&cid=8497e448d733ba6a&ts=101&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 23 Oct 2024 18:34:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
104 KB 261ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MVCLJGE8T6

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

475d6916882cc56cd9a656c1823de0354e5c2a59ef91433b13639194fe51a850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 12:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106219
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 417 B
766 B 126ms
42ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Antic+Slab:regular&display=optional

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23bfcda874b9fc0054dabaafae0c0668a78af7f60a3fc362ea33034d5d318ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 12:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 12:37:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 wgs2.css
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/ 3 KB
2 KB 153ms
44ms Stylesheet
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/wgs2.css?ezmin=true&ff=1&ver=6.6.2&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62eaa675-a60-gzip"
age: 402141
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwpL8BPQsYlrIW1DwcdOvD5zPEjUylxSpwrNnwEH0tdldPRclsWRiuUxDOVIr8EjZPDFB3%2FvVRTuvAyf%2BHNcH1whE0sEOXMO3Nh6Piz0BNRb86OKXE1pocX44JYXEkLE2OJuyWGXd6F3ToxK"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=19&recv=11&lost=0&retrans=0&sent_bytes=12634&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=75&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Wed, 03 Aug 2022 16:46:45 GMT
x-ezoic-cdn: Hit d2;mm;f328fe5059a0de988e1ef64fef8ce79d;2-124533-146;RnNiJ9z3lXqfyKj4OlOvw
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3ffcd37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 style.min.css
cdn-0.securityonline.info/wp-includes/css/dist/block-library/ 3 KB
2 KB 188ms
79ms Stylesheet
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-includes/css/dist/block-library/style.min.css?ezmin=true&ff=1&ver=6.6.2&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b02c07c12bae1eef3257a8f6b7b803e2a3979021acbd64945564800fb399507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f2918a-1b72b-gzip"
age: 1279606
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMXme0cX7M%2F97%2F9XiVu9kGnbYlF8NN1Cpt1R4m3t2CFVAYDEWZj4HTg0XStAPYaxnBE6KnRFnLQO6MhOcFcR164uBaf6m5rKrCFc2JM89hivlN2eDr96XHzat%2F%2FIfKOaaMwH796oWhSzrfk3"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43354&sent=24&recv=13&lost=0&retrans=0&sent_bytes=16173&recv_bytes=5971&delivery_rate=20737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=92&x=1", cfHdrFlush;dur=14
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Tue, 24 Sep 2024 10:16:42 GMT
x-ezoic-cdn: Hit d2;mm;7cbae1f9eea0acda49c689fadb8f542d;2-124533-146;ha0OhMEzyEZ9vEbJrjYuM
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3ffed37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 hph-front.min.css
cdn-0.securityonline.info/wp-content/themes/hueman-pro/addons/assets/front/css/ 3 KB
2 KB 154ms
45ms Stylesheet
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/themes/hueman-pro/addons/assets/front/css/hph-front.min.css?ezmin=true&ff=1&ver=1.4.27&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1994d6de24d0effc59c81c0a86f223027144e10ca0f416e0ab3ecb7e5a10be0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6613be41-38d1-gzip"
age: 1279606
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzZTlu%2BEacx8HI1ZmXMTkmfvWudfvr36rWzK1rmb%2FfPRhGwvpsBzqPgjBVEPDjJesUEKIPS1xYVWPzM%2Fe2LjJkVzoNxEBdNZIavqBw4m61aywBEHmsdIhzAIuMdLY%2BIveJ89svv3zjfJuRZc"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=21&recv=11&lost=0&retrans=0&sent_bytes=14366&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=77&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;a3b150e7509d3ed6a3efd2ea9c82bbf0;2-124533-146;oRv20BKINq73TD_q2xzd1
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3800d37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 main.min.css
cdn-0.securityonline.info/wp-content/themes/hueman-pro/assets/front/css/ 48 KB
10 KB 188ms
80ms Stylesheet
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-content/themes/hueman-pro/assets/front/css/main.min.css?ezmin=true&ff=1&ver=1.4.27&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81aeba690e3f1b2f6800e2d87b03a47fce54086d0bdaafc0b6a6ff6f01daadcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6613be41-17060-gzip"
age: 1186166
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLRy%2BlnTZArquH1Q3%2F%2B%2FvnBGCbk5zPqzxl5El2TGEweVK05mxcAk8uZiG5yCG4w4TOI0tMY2kEgIGk7iMtYwki16jcqgRjepau3xY5XE1NYEv%2F6L8HI5Z7Zujy%2FI8BaDErSJqelWemVgXUho"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=23&recv=11&lost=0&retrans=0&sent_bytes=15623&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=78&x=1", cfHdrFlush;dur=29
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;eb9d30b0ee60ce46602aadcd5e9188b6;2-124533-146;sjzTMexJOkxrvaKMudCR4
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3802d37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H2 200 fa-brands-400.woff2
securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/ 77 KB
77 KB 126ms
122ms Font
application/octet-stream 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://securityonline.info
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

access-control-max-age: 1728000
etag: "6613be41-13288-gzip"
x-middleton-response: 200
access-control-allow-methods: POST, GET, OPTIONS
response: 200
date: Tue, 29 Oct 2024 12:37:14 UTC
x-middleton-display: staticcontent_sol
content-type: application/octet-stream
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;e2bb34d0a5c1b277a17f2a048f975603;2-124533-146;dwNbLrWguab7KJzIoiZTw
display: staticcontent_sol
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
access-control-allow-origin: https://securityonline.info
x-origin-cache-control
server: nginx

GET
H2 200 fa-regular-400.woff2
securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/ 13 KB
13 KB 83ms
80ms Font
application/octet-stream 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://securityonline.info
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

access-control-max-age: 1728000
etag: "6613be41-3514-gzip"
x-middleton-response: 200
access-control-allow-methods: POST, GET, OPTIONS
response: 200
date: Tue, 29 Oct 2024 12:37:14 UTC
x-middleton-display: staticcontent_sol
content-type: application/octet-stream
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;ee09e65548cdb191bf8a004736c11aca;2-124533-146;sMewkb4mm922ADp8Q7bkg
display: staticcontent_sol
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
access-control-allow-origin: https://securityonline.info
x-origin-cache-control
server: nginx

GET
H2 200 fa-solid-900.woff2
securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/ 78 KB
79 KB 64ms
62ms Font
application/octet-stream 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securityonline.info/wp-content/themes/hueman-pro/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://securityonline.info
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

access-control-max-age: 1728000
etag: "6613be41-1397c-gzip"
x-middleton-response: 200
access-control-allow-methods: POST, GET, OPTIONS
response: 200
date: Tue, 29 Oct 2024 12:37:14 UTC
x-middleton-display: staticcontent_sol
content-type: application/octet-stream
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;46fb3c811b44f0a8c3740b5e8b79dee6;2-124533-146;Jst1mCU4rbVrSYxtdIQdB
display: staticcontent_sol
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
access-control-allow-origin: https://securityonline.info
x-origin-cache-control
server: nginx

GET
H3 200 cmp.js Show response
the.gatekeeperconsent.com/v2/ 151 KB
39 KB 69ms
53ms Script
text/javascript 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=260
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475d40eb6a079ff5ef3115ad68f9f31abfc6fc5af0194c4a04248342c8bb2bfc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 495158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3a3p7dVMoeTLoMID%2B2p7b3INM4AeFMYX%2B0IMFVufEAqJKZPYYhLLnfthutypcrgHqlwev5t1KacvtRi5ZdVnSKxzqp1%2BUZW%2F51hPCK200hEMFwVo94wX61puSxrJ1pma5QBBsXDLOWqpZVya"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=154364
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32062&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5481&recv_bytes=4720&delivery_rate=18239&cwnd=12000&unsent_bytes=0&cid=8d186cd34f28c0f3&ts=295&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 07:39:36 GMT
vary: Accept-Encoding
cache-control: public, max-age=15780000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373d0a56d27c-FRA
server: cloudflare

GET PoC.png
b3442631.smushcdn.com/3442631/wp-content/uploads/2023/06/ 0
0

GET
H3 200 surly-badges.min.css
cdn.sur.ly/widget-awards/css/ 17 KB
2 KB 161ms
60ms Stylesheet
text/css 172.67.74.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sur.ly/widget-awards/css/surly-badges.min.css
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709db6c0f6bdf9ceb176a43adf30eb1be65c0b2b1f7130d203133e4af06a2651

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62a6bbbc-4517"
age: 497306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfyUfCVsshj8Es%2FAP7vCqS%2F1WlKf9qEkljbbrEvP2Vj9xZfgyDy%2BI0ax8Q2xWvQYG%2FsZv%2BBm8xdAvvHa%2B8xGCt%2BgH64rZE0N6K7KS5L%2Bc3g9xE3pr85kTnfPey8%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 18:12:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/css
last-modified: Mon, 13 Jun 2022 04:23:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373c3e1fdc80-FRA
server: cloudflare

GET
H3 200 underscore.min.js Show response
cdn-0.securityonline.info/wp-includes/js/ 18 KB
8 KB 144ms
44ms Script
application/javascript 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.securityonline.info/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"636235cb-4991-gzip"
age: 1177784
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2Feco%2FnuinXvZ7Jgf65hv9IJf4pJOrC0haDXZWarDoG%2Fbo8lU80%2BG0oMmnzb0e1ViU9EBpUF1I1fyRPIqPIefJKWpT4iGtZczxy1JNS2OQ7YIL9qyee0iVh93uuTQ01MReALqoOS9tqDH23K"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4205&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=74&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:18:03 GMT
x-ezoic-cdn: Hit d2;mm;e2c9b3da5cd88aa753f9bf9837fa7d33;2-124533-146;wr8gf32RxDeyyRU1li51w
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3ff9d37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 v.js Show response
g.ezodn.com/cmp/v2/ 4 KB
2 KB 103ms
88ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb947597b409a7f8b7c3751c6defa7208a7b55881c09387bcf5be94572dbf633

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cache-control: public, max-age=15780000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 493891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ri59frMzonsGzv1S33CTbPTZLmmPZUdbHyKkW2ZCGmdHnoGbu3ePo06UTtdHP1r5fLwfbj2gzOmR7Ep4udR7rqsmGH2cUZYxkzF7o%2B5ur%2BoTU9Uu2k3wGOrR2HUzDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3373d0a84041a-CDG
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43007&sent=120&recv=28&lost=0&retrans=0&sent_bytes=133716&recv_bytes=5405&delivery_rate=829006&cwnd=67200&unsent_bytes=0&cid=8497e448d733ba6a&ts=283&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 01:11:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 boise.js Show response
www.ezojs.com/detroitchicago/ 811 B
1 KB 223ms
57ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/boise.js?gcb=195-2&cb=5
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 3447444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPqu3SMKxg5bFZ%2F5gYbPCixWAX36%2BnK%2FdFW%2B%2FKAp%2FOWb8wgH22nv0CnE8zb%2FT1%2Bomg0UwUPXvSGHuYU1r4UCFHu5lYZkm0T7Em49K4vpTIOmlscapH%2Fd2FbTVm%2BSaeDl"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=824
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45257&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4177&recv_bytes=5708&delivery_rate=73131&cwnd=12000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=172&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Mar 2024 20:20:43 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dffa40bea-AMS
server: cloudflare

GET
H3 200 abilene.js Show response
www.ezojs.com/parsonsmaize/ 10 KB
4 KB 267ms
102ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-2&cb=38
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a40222cb1869e1fe6c264f3e47bb35c9cc0bbf2cc422bd743ad7f4fd6f9338

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 2401369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwFPiCD03ANmQ%2Bu5yoqXBVZSwGsV9%2FgQ6RUsYu8FIJsLxzZ7jgc8NBVeHARztymU8DWG0yUJp%2Fk92290bADSCedFLb9BzkrEELyPxalf9E56rw5%2BeYldcJliuxX3NViz"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=9825
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45257&sent=22&recv=13&lost=0&retrans=0&sent_bytes=15071&recv_bytes=5708&delivery_rate=73131&cwnd=12000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=192&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 17:34:18 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dffa10bea-AMS
server: cloudflare

GET
H3 200 tulsa.js Show response
www.ezojs.com/detroitchicago/ 13 KB
5 KB 287ms
122ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/tulsa.js?gcb=195-2&cb=9
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f9daa5a391e4becb1ef21376f88772a4b5a874c50d22348b0fcc489dcc7b95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 33490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxAtCpNMeXO9V5XSRyf%2FhTcIU3uHwYcgMqXLr%2BopakoAjUzPTOsIrBuE8dodYu56mD1JAjU%2FNTCUMlPxfjgPJPlUIH%2BLhxvksrSV7AQlAGq4LInfjXG%2BIpvxP3DoBJ1k"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=13380
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51620&sent=28&recv=22&lost=0&retrans=0&sent_bytes=19552&recv_bytes=6350&delivery_rate=212058&cwnd=20400&unsent_bytes=0&cid=aa7f48551c2069dd&ts=230&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Mar 2024 22:27:21 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dffac0bea-AMS
server: cloudflare

POST
H2 200 analytics Show response
securityonline.info/ezais/ 9 KB
3 KB 124ms
123ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezais/analytics?cb=1
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 51c32f470f984062c9fd137b6b4279b7a623ceb1e032c151eaa13273ba48b258

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://securityonline.info
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H3 200 lazy_load.js Show response
www.ezojs.com/tardisrocinante/ 14 KB
6 KB 231ms
67ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/tardisrocinante/lazy_load.js?gcb=2&cb=6
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a143a0231b41e8939c3f61fb57070aab6570ec44467d96037be09fd9d9b0caa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 18997089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buNWgUCFr%2FGbUtsNoYF%2B7GwlYfbOH51hY1BrFiUNJzgY%2FMq1bbZrole1ErtoAZ1A8b6SIHsLRSLb6NspO0YxyJiJqoDIatKL2XlDG4ic0XK2k2z8u17skBm4klqMGD2x"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=13945
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45257&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5426&recv_bytes=5708&delivery_rate=73131&cwnd=12000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=175&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Mar 2024 21:23:24 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dff9f0bea-AMS
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
662 B 58ms
57ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: cdn.sur.ly
URL: https://cdn.sur.ly/widget-awards/css/surly-badges.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.sur.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 12:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 11:04:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 recommended_pages.js Show response
securityonline.info/utilcave_com/apps/js/ 16 KB
3 KB 50ms
48ms Script
application/javascript 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/utilcave_com/apps/js/recommended_pages.js?cb=7
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 5b2b8d431ffc12e91090b624fc573a8ef4d18a8c68abc862fe1b1f40b17be72a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

cache-control: public, max-age=2592000
content-encoding: br
etag: "41b3-605c110814c00-gzip-gzip"
x-sol: middleton
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
content-type: application/javascript
last-modified: Wed, 20 Sep 2023 02:23:44 GMT
server: Apache/2.4.39 (Ubuntu)
display: staticcontent_sol
vary: Accept-Encoding,Origin

GET
DATA 200
OK truncated
/ 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ef12885818ccd0fccaf717b7afb34a93a2dc0b74729d4f2cc1e198e80f8395b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 bWt97fPFfRzkCa9Jlp6IacVcXA.woff2
fonts.gstatic.com/s/anticslab/v16/ 12 KB
12 KB 187ms
39ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anticslab/v16/bWt97fPFfRzkCa9Jlp6IacVcXA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Antic+Slab:regular&display=optional

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

3c478d59cd9c14ded18169933a9703a61220b737631fa08035f626f45867c134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/

Response headers

age: 590599
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:33:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:33:55 GMT
last-modified: Tue, 19 Apr 2022 18:27:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12136
x-xss-protection: 0
server: sffe

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 188ms
40ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://securityonline.info
Referer: https://fonts.googleapis.com/

Response headers

age: 591412
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:20:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:20:22 GMT
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12276
x-xss-protection: 0
server: sffe

GET
H3 200 et.js Show response
www.ezojs.com/porpoiseant/ 1 KB
1 KB 69ms
67ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/porpoiseant/et.js?gcb=195-2&cb=3
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 26431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUsXZy9rMbb2pt%2BhubM5pnDYLESCMnSpFKYtto2gnLfCa2zDud91x1iHP1rgTSVkcIVWVTTY9DhJFW5qxLXjW6QTEaYPpetujUUWew2vggxjPsUyPQ8Do4uNgmk9j2vc"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45257&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5426&recv_bytes=5708&delivery_rate=73131&cwnd=12000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=175&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 16 May 2024 00:29:56 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dffb20bea-AMS
server: cloudflare

GET
H3 200 drake.js Show response
www.ezojs.com/beardeddragon/ 4 KB
2 KB 69ms
67ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/beardeddragon/drake.js?gcb=2&cb=8
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 26902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnFQ8rw%2FiqbsWbm0ylWqPtIWuWWw7FDSeDU79642yzcO4Ph7%2FAue4Eip4hzCz3FqcTmpldA0saCbQbSF8Mkpve9hYba207xM9e2D5WNCYzfSriLfZwpwmpVYSZ7o2m8%2F"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=4247
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45257&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5426&recv_bytes=5708&delivery_rate=73131&cwnd=12000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=175&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 21 Oct 2024 23:57:33 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373dffb50bea-AMS
server: cloudflare

GET
H3 200 jellyfish.js Show response
www.ezojs.com/porpoiseant/ 37 KB
10 KB 65ms
62ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/porpoiseant/jellyfish.js?a=a&cb=16&dcb=195-2&shcb=34
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007078a6fc420ba722a9a08f6237161e0736553b1ea84a0b8f677468ddbcaf11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 15170551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjxDUbMtWkVRO4Uqaz%2BXnw9oeriprfoHg5V4oYNVgBakINDVpfZ5ojMVy93sorqjUl3%2FveZS8kC9QEVQ8L2Js9aSr9KUD4OaDtxLiZrN7CAD1SULfUvA2mSyo2QrpFaP"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=37695
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51620&sent=33&recv=22&lost=0&retrans=0&sent_bytes=24985&recv_bytes=6350&delivery_rate=212058&cwnd=20400&unsent_bytes=0&cid=aa7f48551c2069dd&ts=236&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
last-modified: Mon, 06 May 2024 22:34:43 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373e681d0bea-AMS
server: cloudflare

GET
H3 200 config.json Show response
the.gatekeeperconsent.com/v2/ 17 KB
3 KB 289ms
97ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://the.gatekeeperconsent.com/v2/config.json?domain=securityonline.info&changeLogId=1998328&cb=260

Requested by

Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=260

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d47fcfe01b11324d684103805c7b679a8e6ef010316c4d6964f34c001c0a97e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6109ek4f%2BH3YbKso5qZrm1rrpt2Iocj2axWs4z430aZklABdhpEHS9RgYjpJf%2Fq8LURCUP9zDLjkfnkHlrWNTSRV5Rx44gb3VFFYhaPbQgNhkFjtalGIhXz6kQNh4n7X56UTL9BM48pBNs66"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=52563&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4173&recv_bytes=4382&delivery_rate=61919&cwnd=12000&unsent_bytes=0&cid=3d78c6ec25229d7c&ts=218&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: deny
content-security-policy: default-src 'none'
cache-control: max-age=2592000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373f3b9502db-CDG
access-control-allow-origin: *
server: cloudflare

GET PoC-1024x278.png
b3442631.smushcdn.com/3442631/wp-content/uploads/2023/06/ 0
0

POST
H2 200 app-ajax Show response
securityonline.info/ezoic/ 876 B
472 B 376ms
375ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/ezoic/app-ajax
Requested by: Host: securityonline.info
URL: https://securityonline.info/utilcave_com/apps/js/recommended_pages.js?cb=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 6a8dca11233d5eef30d55bfd20f2e6e40d1dc54f6d43d4c7419db898fc264835

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

expires: Mon, 28 Oct 2024 12:37:14 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
server: Apache/2.4.39 (Ubuntu)

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H3 200 donate-6153764_640.png
cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/07/ 6 KB
7 KB 91ms
90ms Image
image/webp 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/07/donate-6153764_640.png?lossy=1&strip=1&webp=1&ezimgfmt=rs:280x238/rscb1/ngcb1/notWebP
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4942a37edccd3ec37b80946c93006fd0b371d2fcdfcca75a6c5fd47f350cdd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-cache-status: HIT
etag: "a646b28f06ef9215be5cb6c1b6b3eb49-gzip"
age: 1175463
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0046uO6tGZ%2FpcC%2F9wP0yq7qd%2F5%2BRarIVV%2F1D0WBk9kv2zk%2F6iBJ7TxFTIuTtZDaAJCL17cSDfCiUDj2qt6DEb%2Fz9ZyqicfZzS2J9HMyzgdrHpw1xPUWwqUm60y1Ju1wR%2BWpqr2IId%2Ftj3hJC"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41850&sent=43&recv=31&lost=0&retrans=0&sent_bytes=33949&recv_bytes=7985&delivery_rate=84784&cwnd=16800&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=497&x=1", cfHdrFlush;dur=0
content-type: image/webp
cdn-cache: HIT
cdn-cachedat: 10/02/2024 03:09:03
last-modified: Mon, 02 Sep 2024 03:06:32 GMT
x-amz-expiration: expiry-date="Thu, 03 Oct 2024 00:00:00 GMT", rule-id="expire"
x-ezoic-cdn: Hit d2;ms;ff4b910f04e293f5f2f097beffbf3985;2-124533-146;17izrkR9fIVTJZmFxbZ4N
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
smushed: origFmt=png, origSize=12503, smushRatio=6.55, skipped=0, originCache=HIT
cdn-pullzone: 1946822
cdn-proxyver: 1.04
cdn-edgestorageid: 1079
server: cloudflare
cdn-requestcountrycode: DE
response: 200
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requesttime: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestid: 58b302cc274ad55d473176e299ea0241
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cf-ray: 8da3373e8df4d37a-FRA
access-control-allow-origin: *
x-origin-cache-control: public, max-age=31919000

GET
H3 200 Akira-Ransomware-80x80.png
cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 930 B
2 KB 50ms
48ms Image
image/webp 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/Akira-Ransomware-80x80.png?lossy=1&strip=1&webp=1&ezimgfmt=rs:80x80/rscb1/ngcb1/notWebP
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4888a66bba852c8e65bd9af8e17044d38ee63229ad0f56eb1bb155e4f22c0389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-cache-status: HIT
etag: "67843e453081ad92732c9ebf1d1fb9ac-gzip"
age: 13033
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0vUYWTe9wVHuKvut5TS%2FBn7We8WXZaG8Tprsl4h3mtt1Yw8oFeLZdbfvWkR4WrI6QoMV03cLev7sd6DCm1Q7QoC4YD4tf7Ibl1iefLdcOdVOE8wxVzjodkEjORZ3AkNXE4YZ4sbPcCeOf1H"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41051&sent=41&recv=29&lost=0&retrans=0&sent_bytes=31556&recv_bytes=7899&delivery_rate=323670&cwnd=16800&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=450&x=1", cfHdrFlush;dur=0
content-type: image/webp
cdn-cache: HIT
cdn-cachedat: 10/03/2024 01:55:08
last-modified: Mon, 09 Sep 2024 01:38:03 GMT
x-amz-expiration: expiry-date="Thu, 10 Oct 2024 00:00:00 GMT", rule-id="expire"
x-ezoic-cdn: Hit d2;ms;c911059ff4a879996157665bb9804fde;2-124533-146;VtN7g12zqGQB-uA1ODkrE
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
smushed: origFmt=png, origSize=3888, smushRatio=30.14, skipped=0, originCache=HIT
cdn-pullzone: 1946822
cdn-proxyver: 1.04
cdn-edgestorageid: 1079
server: cloudflare
cdn-requestcountrycode: DE
response: 200
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requesttime: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestid: 6021b71b8de6e3b30df8f1f6f6409fdb
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cf-ray: 8da3373e8df6d37a-FRA
access-control-allow-origin: *
x-origin-cache-control: public, max-age=31919000

GET
H3 200 Rock-80x80.png
cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 1 KB
2 KB 47ms
46ms Image
image/webp 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/Rock-80x80.png?lossy=1&strip=1&webp=1&ezimgfmt=rs:80x80/rscb1/ngcb1/notWebP
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2345a0a9adb980ab9b3223672f8a3a64f544194c0a30d65eb980c2934b1a02a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-cache-status: HIT
etag: "f52c323c99920c6968498545222bee61-gzip"
age: 13033
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6hO5Kjq5P%2BnwkePflrfy62w0vS5acPk9lw6yIjXaMOR%2Bc1qRCHIYKaQ41T62ljwHoN9lm57jW%2Fn7UsFQl9mxU7RFPjaFlK5jPKp28RvQGCkHUEmV4NxbyfSlKLf5dqCD%2BorvywKCjq5TqES"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41051&sent=38&recv=29&lost=0&retrans=0&sent_bytes=28985&recv_bytes=7899&delivery_rate=323670&cwnd=16800&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=447&x=1", cfHdrFlush;dur=0
content-type: image/webp
cdn-cache: HIT
cdn-cachedat: 10/03/2024 01:55:08
last-modified: Thu, 03 Oct 2024 01:52:06 GMT
x-amz-expiration: expiry-date="Sun, 03 Nov 2024 00:00:00 GMT", rule-id="expire"
x-ezoic-cdn: Hit d2;ms;9425ab757b63f2faf2894e7614075af6;2-124533-146;NXy5NtlfUwdc2Xlumqvko
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
smushed: origFmt=png, origSize=4301, smushRatio=36.11, skipped=0, originCache=HIT
cdn-pullzone: 1946822
cdn-proxyver: 1.04
cdn-edgestorageid: 1082
server: cloudflare
cdn-requestcountrycode: DE
response: 200
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requesttime: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestid: 2011e9c574c9c5cd5f0c632c89d20bb3
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cf-ray: 8da3373e9dfbd37a-FRA
access-control-allow-origin: *
x-origin-cache-control: public, max-age=31919000

GET Tor-logo-2011-flat.svg_-80x80.png
b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 0
0

GET
H3 200 mulvane.js Show response
www.ezojs.com/parsonsmaize/ 1 KB
1 KB 203ms
199ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/parsonsmaize/mulvane.js?gcb=195-2&cb=10
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9cc574a5fac93935179f833c3c532a2d29f30cbbe4485e26cf1910b487180c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 12085556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1Wb52leNM9IffrhtKjO7UMl9TgGB7KsHB8EPU6uCiucI6%2FFABjIHT5Mx5xLDoUKTT2J0IKgVSjBMGeo9uN%2BaR8aK8FHRcVLkQVTNY4dAs0IDPI2vFXzfGLQjpPRKtWe"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=1242
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45536&sent=52&recv=41&lost=0&retrans=0&sent_bytes=41820&recv_bytes=8380&delivery_rate=83081&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=406&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 11 Jun 2024 15:31:12 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373ed8840bea-AMS
server: cloudflare

GET
H3 200 reno.js Show response
www.ezojs.com/detroitchicago/ 1 KB
1 KB 76ms
71ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/reno.js?gcb=195-2&cb=2
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 031451a08ac9dfd5d91a2fb8101be8c4d7cf0c8941d8542abb6fd61d221b2342

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 503873
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buBop%2F5YGCTTKfGc8GCfHC1yJ2DgqtTNyMelk2%2F5E31iJdjgxojPLwTrt9eKa3G8yfK%2BJaNiio7ZBI8KtQabLWxMZa3hZbnbJbchI6huEhGKFwow7rKhpERmJ4%2F236F4"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=1043
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45670&sent=48&recv=36&lost=0&retrans=0&sent_bytes=39302&recv_bytes=8164&delivery_rate=370640&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=309&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 23:24:12 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373ed8890bea-AMS
server: cloudflare

GET
H3 200 wichita.js Show response
www.ezojs.com/detroitchicago/ 3 KB
2 KB 70ms
65ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/wichita.js?gcb=195-2&cb=12
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 504366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnlNVQ55zf%2FHtVH9tkNdDNKFGZEU7qz3ztLyuaedO6v7H3cl%2BjSqCW%2Bj9Se9DJkq0zUrJ%2FFIDakkU2JCME%2BHeOYhIeCTcktl%2FUZyzELJimIg71%2BnvrJlFGpKC7x%2Bztpr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45670&sent=44&recv=36&lost=0&retrans=0&sent_bytes=35902&recv_bytes=8164&delivery_rate=370640&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=305&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 21:24:51 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373ed88b0bea-AMS
server: cloudflare

GET
H3 200 raleigh.js Show response
www.ezojs.com/detroitchicago/ 2 KB
1 KB 75ms
71ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/raleigh.js?gcb=195-2&cb=7
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 658664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKEO3SQPPq2eBz4EgJ%2F1yzbbZzqMXw2LL8HOS5Qb2l4iCyIjhyr808T%2B%2BhbWEbGzh7AGXdnXOI4Q8L1lTpv5JGCcJcfIqCX4Gshv4lQNJGxFDiUJB2IKkZseob7C2Su9"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=1673
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45670&sent=46&recv=36&lost=0&retrans=0&sent_bytes=37743&recv_bytes=8164&delivery_rate=370640&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=306&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 20:15:09 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373ed88d0bea-AMS
server: cloudflare

GET
H3 200 vista.js Show response
www.ezojs.com/detroitchicago/ 1 KB
1 KB 77ms
73ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/vista.js?gcb=195-2&cb=6
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 504468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9j3VSJkdf0tU8UoCnFldJ2k0W2Zsf5s4gCd3HbvqZkq7SpFCALDiLFZIk%2Bzn8F9RFxTEN5pzh9wfjHuxQuVnhEJCiDHzab6fJm3v%2BCz6k765rHpbkMyLJcfz%2FVuecszv"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=1067
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45670&sent=50&recv=36&lost=0&retrans=0&sent_bytes=40565&recv_bytes=8164&delivery_rate=370640&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=311&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 21:24:44 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373ed88f0bea-AMS
server: cloudflare

GET
H3 200 Screenshot-2024-09-27-043941-80x80.png
cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 1 KB
3 KB 79ms
57ms Image
image/webp 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/Screenshot-2024-09-27-043941-80x80.png?lossy=1&strip=1&webp=1&ezimgfmt=rs:80x80/rscb1/ng:webp/ngcb1
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f98402f3418e4edf6e0059273d042b16446371cb61edd4d3c86acce33dd1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-cache-status: HIT
etag: "b7a8f063d24f3d80185ca1eb2d4bd689-gzip"
age: 1191103
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwqfJmlI7XWsSG9b5FNSjhlxai6%2Fj8lo2PVSAR6WLFVMfd7G86UWpwWwYYN6aNND0pC4%2BShDuI0D6ON4C9Pbkmm6krn%2BiXKTQt7mNOTvpFsg4GOJQJzwN%2FVhhBIysLtv%2BolYRHjBoO0dWE4C"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36185&sent=51&recv=38&lost=0&retrans=0&sent_bytes=41358&recv_bytes=9137&delivery_rate=145016&cwnd=16800&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=640&x=1", cfHdrFlush;dur=0
content-type: image/webp
cdn-cache: HIT
cdn-cachedat: 10/03/2024 01:55:08
last-modified: Thu, 03 Oct 2024 01:52:07 GMT
x-amz-expiration: expiry-date="Sun, 03 Nov 2024 00:00:00 GMT", rule-id="expire"
x-ezoic-cdn: Hit d2;ms;e3416f24e1357b0818345df0b8b879bf;2-124533-146;cSo99jriptCt3gMRLUzNN
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
smushed: origFmt=png, origSize=2268, smushRatio=10.67, skipped=0, originCache=HIT
cdn-pullzone: 1946822
cdn-proxyver: 1.04
cdn-edgestorageid: 1082
server: cloudflare
cdn-requestcountrycode: DE
response: 200
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requesttime: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestid: 4ab49730b4a91b4a63601d0728e82017
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cf-ray: 8da3373fc8f7d37a-FRA
access-control-allow-origin: *
x-origin-cache-control: public, max-age=31919000

GET
H3 200 Screenshot-2024-10-03-140828-80x80.png
cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/10/ 190 B
2 KB 75ms
55ms Image
image/webp 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/ezoimgfmt/b3442631.smushcdn.com/3442631/wp-content/uploads/2024/10/Screenshot-2024-10-03-140828-80x80.png?lossy=1&strip=1&webp=1&ezimgfmt=rs:80x80/rscb1/ng:webp/ngcb1
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b885450110f62a601a71866214768eb04deffca25e77197d1dfe2c875c38c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-cache-status: HIT
etag: "14e3a3fdcf84f7872aa7566090621d4d-gzip"
age: 75557
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQb6hWRxNZjP0Kh%2Bkzhv0ISnJXfKCUhwVzBmWK0IkMAf9TkwwVr2EGAqxof8GNlZ2VfMiZtG0qwGMxL7v5TYM4EFZmQSiibWJrEKztZi%2Fhk2pfCkiMgN2GLc2G91d%2FfVrE7KUh5AGwFp8wVe"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36185&sent=54&recv=38&lost=0&retrans=0&sent_bytes=44166&recv_bytes=9137&delivery_rate=145016&cwnd=16800&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=641&x=1", cfHdrFlush;dur=0
content-type: image/webp
cdn-cache: HIT
cdn-cachedat: 10/03/2024 07:40:47
last-modified: Thu, 03 Oct 2024 07:38:41 GMT
x-amz-expiration: expiry-date="Sun, 03 Nov 2024 00:00:00 GMT", rule-id="expire"
x-ezoic-cdn: Hit d2;ms;e0fbc42f0220c2fbe4a2698611115ea8;2-124533-146;tOnhAr0Exf4m2ZXRiIMAJ
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
smushed: origFmt=png, origSize=880, smushRatio=54.77, skipped=0, originCache=HIT
cdn-pullzone: 1946822
cdn-proxyver: 1.04
cdn-edgestorageid: 1081
server: cloudflare
cdn-requestcountrycode: DE
response: 200
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requesttime: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestid: bc6b257cd3b1ccb70ac38d317617f6b4
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cf-ray: 8da3373fc900d37a-FRA
access-control-allow-origin: *
x-origin-cache-control: public, max-age=31919000

GET
H3 200 gvl.json Show response
the.gatekeeperconsent.com/cmp/ 639 KB
79 KB 60ms
47ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=en
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=260
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514240f4f634d9bfeaa790739b88b57b2e6520642e23037ef3f81044a0a31793

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cache-control: public, max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 57333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UikKmKrWJf3QZqmdy6OD2aCYQ%2BfySessscuBdHQ3IuCLWgUc1XVg3GEcVcBKyDaSeUmkuhNZfdQLT9zUmbRbHRsVgZqyNzxT6GNTv9zeSYgAVAIBF3VPq3vAE%2B%2BRrOKV22XtokUdWwbfAIK1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da337407d5802db-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=55720&sent=16&recv=13&lost=0&retrans=0&sent_bytes=7760&recv_bytes=4889&delivery_rate=65412&cwnd=12000&unsent_bytes=0&cid=3d78c6ec25229d7c&ts=397&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: application/json
last-modified: Mon, 28 Oct 2024 20:41:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 screx.js Show response
www.ezojs.com/tardisrocinante/ 6 KB
3 KB 63ms
52ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/tardisrocinante/screx.js?gcb=2&cb=5
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69770890d2cd34c85837868011966441b3234bd52fe0e2a4cb21092665331097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 414104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ct2o3WsBB3Ljszs%2FLwGpqpiu6HfTRQ6QeF%2FTSPUaofK1uq6JphJC73j2iyh40ilxtyEhQHwhrhEJnMF737S6h4SIYOTBvfdXwtCEwwyDY6obiXI9Zmk3hVkVxh6pFqwk"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=6176
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46419&sent=55&recv=46&lost=0&retrans=0&sent_bytes=43224&recv_bytes=9563&delivery_rate=26236&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=565&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 30 Jun 2024 01:08:29 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da337407a8d0bea-AMS
server: cloudflare

GET
H3 200 olathe.js Show response
www.ezojs.com/parsonsmaize/ 2 KB
2 KB 72ms
61ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/parsonsmaize/olathe.js?gcb=195-2&cb=25
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 22161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHSeJSSk4dZNbJmR8a4FigMjPfS3nQnuSk59Y74iai6VxQYP4fUeEa58DTTZ7jcYH%2FxMwEBG%2F4eGHMl3YJX9hcSfpNnO8bZYsRkdA9cD%2BecdntWR8cPKZ5VEtTJA6LmG"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46419&sent=64&recv=46&lost=0&retrans=0&sent_bytes=53157&recv_bytes=9563&delivery_rate=26236&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=572&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 16:13:39 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da337407a930bea-AMS
server: cloudflare

GET
H3 200 vitals.js Show response
www.ezojs.com/tardisrocinante/ 11 KB
5 KB 83ms
74ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/tardisrocinante/vitals.js?gcb=2&cb=4
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 1769040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iq%2B8p3o9tnJX68T3p%2B1KQ8IEWtOaRa7WsPOJ%2FI73yi8McZ%2FNdjvu5Yn3jv8bT6VqKuMzYkQe%2BES8r0jyF96%2Fh7iGamxEv6cYVEatNJku%2FbJnwTsXBaqhqXAulmqlEc8%2B"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=11417
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46419&sent=66&recv=46&lost=0&retrans=0&sent_bytes=54819&recv_bytes=9563&delivery_rate=26236&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=579&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 28 Mar 2024 22:26:10 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da337407a980bea-AMS
server: cloudflare

GET
H3 200 chanute.js Show response
www.ezojs.com/parsonsmaize/ 21 KB
6 KB 65ms
56ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/parsonsmaize/chanute.js?a=a&cb=10&dcb=195-2&shcb=34
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 35673
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vgBWqIr1XCGp0uwR9FanhtMCgr8VWMWDGRNdENEoCTHhnNIEtWmAE5wUz3cfJDXyzBkoLYlgPrEVJ1oIyf0AVt9gNPIHDVMAweCymH6CQl1jJzuPnrbgGL21L7bZq5M"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=21786
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46419&sent=58&recv=46&lost=0&retrans=0&sent_bytes=46370&recv_bytes=9563&delivery_rate=26236&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=568&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 16:29:37 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da337407a9a0bea-AMS
server: cloudflare

GET
H3 200 css
fonts.googleapis.com/ 417 B
417 B 84ms
54ms Image
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css?family=Antic+Slab:regular&display=optional

Requested by

Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f10.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 12:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 29 Oct 2024 12:37:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 wgs2.css
cdn-0.securityonline.info/wp-content/plugins/wp-google-search/ 3 KB
3 KB 29ms
29ms Image
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/wp-content/plugins/wp-google-search/wgs2.css?ezmin=true&ff=1&ver=6.6.2&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62eaa675-a60-gzip"
age: 402141
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwpL8BPQsYlrIW1DwcdOvD5zPEjUylxSpwrNnwEH0tdldPRclsWRiuUxDOVIr8EjZPDFB3%2FvVRTuvAyf%2BHNcH1whE0sEOXMO3Nh6Piz0BNRb86OKXE1pocX44JYXEkLE2OJuyWGXd6F3ToxK"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=19&recv=11&lost=0&retrans=0&sent_bytes=12634&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=75&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Wed, 03 Aug 2022 16:46:45 GMT
x-ezoic-cdn: Hit d2;mm;f328fe5059a0de988e1ef64fef8ce79d;2-124533-146;RnNiJ9z3lXqfyKj4OlOvw
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3ffcd37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 style.min.css
cdn-0.securityonline.info/wp-includes/css/dist/block-library/ 3 KB
3 KB 27ms
27ms Image
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/wp-includes/css/dist/block-library/style.min.css?ezmin=true&ff=1&ver=6.6.2&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f2918a-1b72b-gzip"
age: 1279606
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMXme0cX7M%2F97%2F9XiVu9kGnbYlF8NN1Cpt1R4m3t2CFVAYDEWZj4HTg0XStAPYaxnBE6KnRFnLQO6MhOcFcR164uBaf6m5rKrCFc2JM89hivlN2eDr96XHzat%2F%2FIfKOaaMwH796oWhSzrfk3"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43354&sent=24&recv=13&lost=0&retrans=0&sent_bytes=16173&recv_bytes=5971&delivery_rate=20737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=92&x=1", cfHdrFlush;dur=14
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Tue, 24 Sep 2024 10:16:42 GMT
x-ezoic-cdn: Hit d2;mm;7cbae1f9eea0acda49c689fadb8f542d;2-124533-146;ha0OhMEzyEZ9vEbJrjYuM
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3ffed37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 hph-front.min.css
cdn-0.securityonline.info/wp-content/themes/hueman-pro/addons/assets/front/css/ 3 KB
3 KB 29ms
29ms Image
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/wp-content/themes/hueman-pro/addons/assets/front/css/hph-front.min.css?ezmin=true&ff=1&ver=1.4.27&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6613be41-38d1-gzip"
age: 1279606
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzZTlu%2BEacx8HI1ZmXMTkmfvWudfvr36rWzK1rmb%2FfPRhGwvpsBzqPgjBVEPDjJesUEKIPS1xYVWPzM%2Fe2LjJkVzoNxEBdNZIavqBw4m61aywBEHmsdIhzAIuMdLY%2BIveJ89svv3zjfJuRZc"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=21&recv=11&lost=0&retrans=0&sent_bytes=14366&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=77&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;a3b150e7509d3ed6a3efd2ea9c82bbf0;2-124533-146;oRv20BKINq73TD_q2xzd1
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3800d37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 main.min.css
cdn-0.securityonline.info/wp-content/themes/hueman-pro/assets/front/css/ 48 KB
48 KB 31ms
31ms Image
text/css 172.67.134.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.securityonline.info/wp-content/themes/hueman-pro/assets/front/css/main.min.css?ezmin=true&ff=1&ver=1.4.27&wps=false&ez_used_css_s=13
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6613be41-17060-gzip"
age: 1186166
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLRy%2BlnTZArquH1Q3%2F%2B%2FvnBGCbk5zPqzxl5El2TGEweVK05mxcAk8uZiG5yCG4w4TOI0tMY2kEgIGk7iMtYwki16jcqgRjepau3xY5XE1NYEv%2F6L8HI5Z7Zujy%2FI8BaDErSJqelWemVgXUho"}],"group":"cf-nel","max_age":604800}
response: 200
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48007&sent=23&recv=11&lost=0&retrans=0&sent_bytes=15623&recv_bytes=5881&delivery_rate=67737&cwnd=12000&unsent_bytes=0&cid=fb8a14a626c1a0a8&ts=78&x=1", cfHdrFlush;dur=29
date: Tue, 29 Oct 2024 12:37:14 GMT
x-middleton-display: staticcontent_sol, orig_site_sol
content-type: text/css
last-modified: Mon, 08 Apr 2024 09:52:01 GMT
x-ezoic-cdn: Hit d2;mm;eb9d30b0ee60ce46602aadcd5e9188b6;2-124533-146;sjzTMexJOkxrvaKMudCR4
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding,User-Agent,Origin
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
x-sol: orig
cf-ray: 8da3373c3802d37a-FRA
x-origin-cache-control: max-age=2592000
server: cloudflare

GET
H3 200 surly-badges.min.css
cdn.sur.ly/widget-awards/css/ 17 KB
17 KB 44ms
43ms Image
text/css 172.67.74.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sur.ly/widget-awards/css/surly-badges.min.css
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62a6bbbc-4517"
age: 497306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfyUfCVsshj8Es%2FAP7vCqS%2F1WlKf9qEkljbbrEvP2Vj9xZfgyDy%2BI0ax8Q2xWvQYG%2FsZv%2BBm8xdAvvHa%2B8xGCt%2BgH64rZE0N6K7KS5L%2Bc3g9xE3pr85kTnfPey8%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 18:12:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 29 Oct 2024 12:37:14 GMT
content-type: text/css
last-modified: Mon, 13 Jun 2022 04:23:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da3373c3e1fdc80-FRA
server: cloudflare

POST
H2 200 imp.gif
securityonline.info/detroitchicago/ 43 B
246 B 42ms
29ms Ping
image/gif 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/detroitchicago/imp.gif
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-2&cb=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

access-control-max-age: 1728000, 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS, HEAD, PUT, POST, GET, OPTIONS
expires: Mon, 28 Oct 2024 12:37:15 GMT
access-control-allow-origin: https://securityonline.info, https://securityonline.info
content-length: 43
date: Tue, 29 Oct 2024 12:37:15 GMT
x-middleton-display: imp_sol
content-type: image/gif
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type, Content-Type

GET
H3 200 script_delay.js Show response
www.ezojs.com/tardisrocinante/ 6 KB
3 KB 74ms
72ms Script
application/javascript 172.67.170.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/tardisrocinante/script_delay.js?gcb=2&cb=2
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56586cbb823efeb5e11b1dc1d7a8388ec250b365d4693735ae24ae57829ca640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 502553
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTGYp16HVVmMmHTek8ayeNOd3swpidQsuqhctTkaYR%2FuLNJmklYLCuZwPkFhnrjAVFAcB3K9Pe6oxcYMl9KEIvPacVMOw2ya%2Bgnt3QB%2B%2BhWWwdRkXo4%2BXfUPCi0g42Eo"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=6511
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45365&sent=71&recv=54&lost=0&retrans=0&sent_bytes=59606&recv_bytes=10157&delivery_rate=312156&cwnd=24000&unsent_bytes=0&cid=aa7f48551c2069dd&ts=652&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:15 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 02 Jul 2024 02:07:21 GMT
priority: u=3,i=?0
cache-control: max-age=31536000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8da337410b610bea-AMS
server: cloudflare

GET
H3 200 gvl.json Show response
the.gatekeeperconsent.com/cmp/ 48 KB
10 KB 52ms
51ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=de
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=260
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d6c27cf7ce971b8dd08a34b803d8c92c0ad1e1b31cadddecb61be403e6be28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://securityonline.info/

Response headers

cache-control: public, max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
age: 156795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQxQbGbp4drItFTmMivxm9XthmToluPr2r70nmdYmovfPSqiyl44LQSii9oL90ylG2fDhWFdPLu%2BiRpi80B%2Bd4%2F4Hi3BqO7FlwRY%2BTS4tobiTZ302nmZO2pNovTnX3eA%2Bp7NjyDGkAH%2BenNm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da33741bf1e02db-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40050&sent=88&recv=49&lost=0&retrans=0&sent_bytes=90777&recv_bytes=6743&delivery_rate=1129344&cwnd=45600&unsent_bytes=0&cid=3d78c6ec25229d7c&ts=605&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:15 GMT
content-type: application/json
last-modified: Sun, 27 Oct 2024 17:04:00 GMT
vary: Accept-Encoding
server: cloudflare

GET white-hat-h-80x80.png
b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 0
0

GET
H3 200 main_modal_firstpage Show response
the.gatekeeperconsent.com/cmp/v2/ 22 KB
5 KB 61ms
61ms Fetch
text/html 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=securityonline.info&region=default&lang=de-DE&cb=260&changeLogId=1998328
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/tulsa.js?gcb=195-2&cb=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 265f978486e357eca119a82063d7233cc69b45eb8ec22a886744824c47325061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://securityonline.info/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: HIT
age: 1228130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajYYKS5G6h1yXhStxm1%2BEIHocMNMjagPEO8MwhLioQHyYveIsGPQNTfYJ8QLiX2dFKXrEH63OsChXE9vH1dEIm83rLeT%2F3dN6cz9URgzpEClZt6AWBheLtG%2Bp2Tib9wumsCGQ%2Bhy5F6H5MLU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40669&sent=101&recv=57&lost=0&retrans=1&sent_bytes=102836&recv_bytes=7807&delivery_rate=14634&cwnd=45600&unsent_bytes=0&cid=3d78c6ec25229d7c&ts=765&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:37:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
last-modified: Tue, 15 Oct 2024 07:28:25 GMT
access-control-allow-headers: Content-Type
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8da33742b82302db-CDG
access-control-allow-origin: https://securityonline.info
server: cloudflare

OPTIONS
H3 200 main_modal_firstpage
the.gatekeeperconsent.com/cmp/v2/ 0
0 44ms
44ms Preflight
text/plain 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=securityonline.info&region=default&lang=de-DE&cb=260&changeLogId=1998328
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://securityonline.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://securityonline.info
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da337426fd602db-CDG
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 29 Oct 2024 12:37:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYTe9dpAnzhV9zgpMueZay4bhFPPurjLAiAkaCsqPp9qC92muxgLEmJud4RtPoqw3JeTwfOsKFwMoGbRqCpuHEh%2BSH2CqMdAycVMv0XBLLbfydTm93xz%2BIudIPk%2B8lYBfB%2B68V0%2FwCTqi912"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=41190&sent=99&recv=55&lost=0&retrans=1&sent_bytes=102073&recv_bytes=7363&delivery_rate=212045&cwnd=45600&unsent_bytes=0&cid=3d78c6ec25229d7c&ts=715&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET white-hat-h-320x320.png
b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/ 0
0

POST
H2 200 lcpel.go Show response
securityonline.info/cheetah/ 0
183 B 121ms
23ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://securityonline.info/cheetah/lcpel.go
Requested by: Host: securityonline.info
URL: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://securityonline.info/poc-released-for-windows-sysinternals-sysmon-privilege-escalation-cve-2023-29343-bug/

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Mon, 28 Oct 2024 12:37:17 GMT
access-control-allow-origin: https://securityonline.info
content-length: 0
date: Tue, 29 Oct 2024 12:37:17 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
server: Apache/2.4.39 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b3442631.smushcdn.com
URL: https://b3442631.smushcdn.com/3442631/wp-content/uploads/2023/06/PoC.png?lossy=1&strip=1&webp=1

Domain: b3442631.smushcdn.com
URL: https://b3442631.smushcdn.com/3442631/wp-content/uploads/2023/06/PoC-1024x278.png?lossy=1&strip=1&webp=1

Domain: b3442631.smushcdn.com
URL: https://b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/Tor-logo-2011-flat.svg_-80x80.png?lossy=1&strip=1&webp=1

Domain: b3442631.smushcdn.com
URL: https://b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/white-hat-h-80x80.png?lossy=1&strip=1&webp=1

Domain: b3442631.smushcdn.com
URL: https://b3442631.smushcdn.com/3442631/wp-content/uploads/2024/09/white-hat-h-320x320.png?lossy=1&strip=1&webp=1

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.securityonline.info/	1970-01-21 00:36:47	Name: ezoictest Value: stable

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b3442631.smushcdn.com
cdn-0.securityonline.info
cdn.sur.ly
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
go.ezodn.com
privacy.gatekeeperconsent.com
securepubads.g.doubleclick.net
securityonline.info
the.gatekeeperconsent.com
www.ezojs.com
www.googletagmanager.com
b3442631.smushcdn.com
142.250.186.130
172.67.134.242
172.67.170.144
172.67.199.186
172.67.74.235
188.114.97.3
216.58.206.35
216.58.206.74
2a00:1450:4001:809::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
007078a6fc420ba722a9a08f6237161e0736553b1ea84a0b8f677468ddbcaf11
031451a08ac9dfd5d91a2fb8101be8c4d7cf0c8941d8542abb6fd61d221b2342
037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e
092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984
0a143a0231b41e8939c3f61fb57070aab6570ec44467d96037be09fd9d9b0caa
0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b
1994d6de24d0effc59c81c0a86f223027144e10ca0f416e0ab3ecb7e5a10be0b
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12
1ef12885818ccd0fccaf717b7afb34a93a2dc0b74729d4f2cc1e198e80f8395b
23bfcda874b9fc0054dabaafae0c0668a78af7f60a3fc362ea33034d5d318ae8
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
265f978486e357eca119a82063d7233cc69b45eb8ec22a886744824c47325061
3c478d59cd9c14ded18169933a9703a61220b737631fa08035f626f45867c134
4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc
475d40eb6a079ff5ef3115ad68f9f31abfc6fc5af0194c4a04248342c8bb2bfc
475d6916882cc56cd9a656c1823de0354e5c2a59ef91433b13639194fe51a850
4888a66bba852c8e65bd9af8e17044d38ee63229ad0f56eb1bb155e4f22c0389
4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93
514240f4f634d9bfeaa790739b88b57b2e6520642e23037ef3f81044a0a31793
51c32f470f984062c9fd137b6b4279b7a623ceb1e032c151eaa13273ba48b258
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
56586cbb823efeb5e11b1dc1d7a8388ec250b365d4693735ae24ae57829ca640
5b2b8d431ffc12e91090b624fc573a8ef4d18a8c68abc862fe1b1f40b17be72a
69770890d2cd34c85837868011966441b3234bd52fe0e2a4cb21092665331097
6a8dca11233d5eef30d55bfd20f2e6e40d1dc54f6d43d4c7419db898fc264835
6b02c07c12bae1eef3257a8f6b7b803e2a3979021acbd64945564800fb399507
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6e9cc574a5fac93935179f833c3c532a2d29f30cbbe4485e26cf1910b487180c
709db6c0f6bdf9ceb176a43adf30eb1be65c0b2b1f7130d203133e4af06a2651
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
76d6c27cf7ce971b8dd08a34b803d8c92c0ad1e1b31cadddecb61be403e6be28
77a40222cb1869e1fe6c264f3e47bb35c9cc0bbf2cc422bd743ad7f4fd6f9338
7f327a49e1abd9c597da3d0c1c791d7aca5c1350941ddef3d352c4cc896bf557
81aeba690e3f1b2f6800e2d87b03a47fce54086d0bdaafc0b6a6ff6f01daadcf
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
87f98402f3418e4edf6e0059273d042b16446371cb61edd4d3c86acce33dd1ce
8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
9d47fcfe01b11324d684103805c7b679a8e6ef010316c4d6964f34c001c0a97e
9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b4942a37edccd3ec37b80946c93006fd0b371d2fcdfcca75a6c5fd47f350cdd7
bb947597b409a7f8b7c3751c6defa7208a7b55881c09387bcf5be94572dbf633
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e101d16a6ecf89ef9202a080805ca74020676fee47c9794a0002af8ddc8c7afb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b885450110f62a601a71866214768eb04deffca25e77197d1dfe2c875c38c7
eeea57551b14b19f15f12eb019b03f59b950ab1a670d9c6e998e4d68f6aa6dd9
f2345a0a9adb980ab9b3223672f8a3a64f544194c0a30d65eb980c2934b1a02a
f8f9daa5a391e4becb1ef21376f88772a4b5a874c50d22348b0fcc489dcc7b95
fd6261240ed0f12a5cc73e1a74452182697f4b09560cdfbb3b2f17e0659a2f7f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

securityonline.info Open in urlscan Pro 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

92 %HTTPS

33 %IPv6

10 Domains

14 Subdomains

13 IPs

3 Countries

915 kBTransfer

2661 kBSize

1 Cookies

12 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityonline.info Open in urlscan Pro
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

92 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

915 kB
Transfer

2661 kB
Size

1
Cookies

64 HTTP transactions
2 data transactions