sploitus.com Open in urlscan Pro
172.67.172.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Submission: On August 26 via manual (August 26th 2024, 10:07:38 am UTC) from HK — Scanned from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 24 HTTP transactions. The main IP is 172.67.172.46, located in United States and belongs to CLOUDFLARENET, US. The main domain is sploitus.com.
TLS certificate: Issued by WE1 on August 26th 2024. Valid for: 3 months.

This is the only time sploitus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	172.67.172.46 172.67.172.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.32.104 142.251.32.104	15169 (GOOGLE) (GOOGLE)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	142.250.65.174 142.250.65.174	15169 (GOOGLE) (GOOGLE)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
5 9	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
1 3	77.88.21.119 77.88.21.119	13238 (YANDEX) (YANDEX)
2	2606:4700:303... 2606:4700:3032::ac43:ac2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	11

8 172.67.172.46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sploitus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.104 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.174 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 87.250.250.119 (Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.21.119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:ac2e (United States)

ASN13335 (CLOUDFLARENET, US)

sploitus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sploitus.com 1 redirects sploitus.com	51 KB
8	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	6 KB
2	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	751 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 20368	893 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	251 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	167 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 238
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	82 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
24	10

	Domain	Requested by
10	sploitus.com	1 redirects sploitus.com static.cloudflareinsights.com
8	mc.yandex.ru	4 redirects sploitus.com cdn.jsdelivr.net
2	mc.yandex.com	1 redirects sploitus.com
2	mc.webvisor.org	1 redirects sploitus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	sploitus.com www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.jsdelivr.net	sploitus.com
1	static.cloudflareinsights.com	sploitus.com
24	11

This site contains no links.

Subject Issuer	Validity	Valid
sploitus.com WE1	`2024-08-26` - `2024-11-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Frame ID: CE46ED78364658E6ACB1B6FFC3C6FCEB
Requests: 20 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-MEMT0D846W&gacid=673353335.1724666853&gtm=45je48l0v9119029796za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1598775215
Frame ID: FF340064B7B344A740DAF5CBE8CAD145
Requests: 1 HTTP requests in this frame

Frame: https://sploitus.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: B58ED1D03DC7699B4A87D02F83522A72
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 26BC18905BDDE2CD6761D514E1A29DCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

💀 Exploit for CVE-2024-28000

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

79 %
HTTPS

9 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

331 kB
Transfer

899 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://sploitus.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://sploitus.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

Request Chain 13

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A581751816131%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A882119717%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Ast%3A1724666853&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A581751816131%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A882119717%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Ast%3A1724666853&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1

Request Chain 15

https://mc.yandex.ru/watch/54912310?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1014013293420%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A411736384%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Arqnl%3A1%3Ast%3A1724666853%3At%3A%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21038592)ti(1) HTTP 302
https://mc.yandex.ru/watch/54912310/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1014013293420%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A411736384%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Arqnl%3A1%3Ast%3A1724666853%3At%3A%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038592%29ti%281%29&redirnss=1

Request Chain 19

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10473.G7ZtZA8xX8dM00W7WAkkoy-PPiVewBTtKI9X-AraF05s8gXcRh5mGXyyiTricoaS.qo81zEAbBaJA-cs1JZjb7Y3aU8c%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10473.HPri6cm8xqiExMMSzsVRdJKxup0apBJwJ4Jg2e2LA8fbkA4DBILBuiRSe13PT3eDF_t5UZS3A7nXqJ0mcFwGRcYfFO2PYm39SgzyWHoYQk_WHw1s9qQCxzM3WTDAV63WFW4dAJhBT_Ltfe2lUGd9DcG1LMaOi83NOxjVC3HWSSP9fsO-YoEMsotsxwEHeqAaRWgFVKMpHAIYxELteB8VJXJNEHFsdURboytE0MGw8-I%2C.ybNluH6yNq1qO1iXD1pxnd7spQI%2C

Request Chain 20

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10473.6tYHmQGGJwy_V5Lpek8ITE9ifMgJCrlIyV8rnf0TmH65pLdEzHSuLsKh3OtTIE_t.U9PPnWzO_SJbSkfXFJYK18Ai5t0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10473.67pQhUoxnjCijaqKe9KH2wV2ii_qemPKdbG8FGCISPCH-t8topihudJVSvzcAgHziEnzbRgaMXSgCSxvmoMnWG41PSPThbkb2ywGq7YtGC7clve0tXRnFmnMIf3SQmc-uaROIIjqDDkDJ1PK9tX6bY-AnyfyCi4oBBUrGSt24nb5IYvCu_eUPgaI2ESDAT0q53WrSWfLHxIgsrg_0PZI6K4vTG9oxfRWrr_tNRTTZ0A%2C.E2iEwuLGm0vcj44FtrPeu9Ymidc%2C

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request exploit Show response
sploitus.com/ 20 KB
7 KB 460ms
128ms Document
text/html 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6ca075ab66a720219968236dbd84728a67ac2f33965b527ea5a26f261bfc121

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 8b9303f47c3f41af-EWR
content-encoding: br
content-security-policy: default-src 'self' https: 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 10:07:32 GMT
last-modified: Mon, 26 Aug 2024 08:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtDhiCZ5PCnd9ah%2BXombaA02CbLhE7wLHHriccr3NV9jlU%2BriSawq%2BAJNsBG0REvBrzABR2sCXTjy9LLMUEf5ZEiCR3Z2LfzZqXsUeIO5uLjLzc6lHAdYM3j0N0vrEo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.css
sploitus.com/static/ 23 KB
6 KB 143ms
141ms Stylesheet
text/css 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/static/app.css

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972352fc965fbd537fc151fa72d4864d5cbb954800bdd36c61fb61e9d258f7b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:32 GMT
content-security-policy: default-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=23759
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Mon, 25 Apr 2022 18:28:51 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fABoIG%2F%2FL0r5IJMMGsgYgsyHIv2Tr%2BzGq8h5X3phbI0zdkAu9ilXrXnCig7Dj58OYD8wzzaOXV%2BSR7qc87Arrnf1Z5PwgH01f1KM2f6Q5EHhDQ0FwExLhnu6WD0F1W8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8b9303f55cd341af-EWR
expires: Tue, 23 Jul 2024 13:59:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 344ms
28ms Script
application/javascript 142.251.32.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125861816-1

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.104 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b04045d3f9083511d5f0568a334eacf3715824288cb370f70115470307009cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77022
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Aug 2024 10:07:33 GMT

GET
H2 200 app.js Show response
sploitus.com/static/ 67 KB
24 KB 138ms
138ms Script
application/javascript 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/static/app.js

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e00172d5f0daca264a56d1d78ba625534b3246e57808e00f0c05dbe720d075

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:32 GMT
content-security-policy: default-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Mon, 25 Apr 2022 18:28:51 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4RVZJXCD3ZTzxq4Az1zqRvfnTMFy2a8TdZkZmBcSnmPK0dvN7CBtZYWF92sLELLScBYCs%2FApmON95%2FRLC7P6bjNmdlxjBoGnjE80SJhr%2Fi5qK166qeIESGNAvglTy0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8b9303f55cd741af-EWR
expires: Tue, 23 Jul 2024 13:59:21 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 354ms
35ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Origin: https://sploitus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b9303f838577c7e-EWR

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 217 KB
82 KB 315ms
2ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f9c1e5d34f1bf0bb9507df54f5f8dab41f492cf6fee6af8704d3aad3f693cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 10:07:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40766
x-jsd-version: 1.335.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83446
x-served-by: cache-fra-etou8220046-FRA, cache-lga21989-LGA
x-jsd-version-type: version
etag: W/"36351-PRHDXW2OkKdpN2IDgAOzV5H9o8g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sploitus.png
sploitus.com/static/images/ 3 KB
4 KB 434ms
434ms Image
image/png 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sploitus.com/static/images/sploitus.png

Requested by

Host: sploitus.com
URL: https://sploitus.com/static/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a263e2fcf08d6184619dd7e66bad52758dfe921d2ae674a5978b9d724390b1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/static/app.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
content-security-policy: default-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 May 2020 18:37:10 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FYnfw1UFw2Ot5vbfC%2F78Olqh05IDeprR88xvtJpim76mGlcEAT0HzMt%2Fi82UrAZO91JK4t9l4%2Bs0SdUrLeSDfH9O8BouK9hIgNd02cjhoXwIy7mLBCf1y%2FJ00jUqXg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8b9303f66dae41af-EWR
expires: Tue, 23 Jul 2024 13:59:21 GMT

GET
H2 200 github.png
sploitus.com/static/images/ 3 KB
3 KB 453ms
453ms Image
image/png 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sploitus.com/static/images/github.png

Requested by

Host: sploitus.com
URL: https://sploitus.com/static/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb4322cba581b3f67e4054899cb56a1fea1041a3e7170c280bf450941108d4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/static/app.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
content-security-policy: default-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 13:30:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNJPoAbELZYzb6Uc5HGE3z%2BLMlPuq2OT%2Bya8q8MiVXUWtvllCDerjEqCSIr5cWG7SClZD0rWY1GCYAAf0SGiynEibkFZGZ53TXsS9OqIjtvbs5joatu2FTnjAKxIQ44%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8b9303f66db041af-EWR
expires: Tue, 23 Jul 2024 13:59:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
91 KB 28ms
27ms Script
application/javascript 142.251.32.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MEMT0D846W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125861816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.104 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7e9c51b9be30bdbd2fb8da753aa7758cff5e23e398e2d318bc36f7d0b78d8c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93231
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Aug 2024 10:07:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 325ms
4ms Script
text/javascript 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125861816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Aug 2024 10:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 89
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Aug 2024 12:06:04 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 338ms
17ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MEMT0D846W&gtm=45je48l0v9119029796za200&_p=1724666852837&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=673353335.1724666853&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1724666853&sct=1&seg=0&dl=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&dt=%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=959
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEMT0D846W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 10:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sploitus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 343ms
16ms Ping
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MEMT0D846W&cid=673353335.1724666853&gtm=45je48l0v9119029796za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEMT0D846W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 10:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sploitus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame FF34 0
0 340ms
22ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-MEMT0D846W&gacid=673353335.1724666853&gtm=45je48l0v9119029796za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1598775215

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEMT0D846W&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 10:07:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

main.js Show response
sploitus.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame B58E
Redirect Chain

https://sploitus.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://sploitus.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
4 KB

10ms
10ms

Script
application/javascript

172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08d784709120b735edbfd3bdb60b8508075c46dcec65f36710c1f516c7be8e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHjEE6vQAxok8oocs2wIkuq3gAWXVb4UsEO3v26ZFwPZDWiMZsi5wR7JsZQlRs6%2FCX3Vyuxs%2BKvv4twYJ%2F01IaRJWfcgHXzMX3E2YZFiHGXVlqMeiF1rzeVPoUqh2PA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b9303f91f3641af-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Aug 2024 10:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPNivADAiof%2F8tmB7rwI27CxobzcaaODjtlW917CacMmZ8JcYuk4WeNmn7M8tz%2BIBO3CLGCrIymZ5O1dqBuxgPqHBv%2FSWWyTsTWls3HHaN87Plp%2FRJLZkqDuVmiOk%2FA%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b9303f8bf0b41af-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqom...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqo...

504 B
583 B

132ms
132ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A581751816131%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A882119717%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Ast%3A1724666853&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

41238ea8c3374ccdc80da26657bd3167ddd4e72a36423b745ad0f070cded8d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 10:07:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 26-Aug-2024 10:07:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sploitus.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 504
x-xss-protection: 1; mode=block
expires: Mon, 26-Aug-2024 10:07:34 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 10:07:33 GMT
last-modified: Mon, 26-Aug-2024 10:07:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://sploitus.com
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A581751816131%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A882119717%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Ast%3A1724666853&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 26-Aug-2024 10:07:33 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
655 B 695ms
129ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Aug 2024 08:38:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66cc3ef9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Aug 2024 11:07:33 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/54912310/
Redirect Chain

https://mc.yandex.ru/watch/54912310?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejp...
https://mc.yandex.ru/watch/54912310/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstse...

729 B
1 KB

132ms
131ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/54912310/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1014013293420%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A411736384%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Arqnl%3A1%3Ast%3A1724666853%3At%3A%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038592%29ti%281%29&redirnss=1

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

9a0730e2a5de19a1cfaf4063f085f751af5791b1dea06cde7a8b620f2f6f0d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 10:07:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 26-Aug-2024 10:07:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sploitus.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 729
x-xss-protection: 1; mode=block
expires: Mon, 26-Aug-2024 10:07:34 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 10:07:33 GMT
last-modified: Mon, 26-Aug-2024 10:07:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://sploitus.com
location: /watch/54912310/1?wmode=7&page-url=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1014013293420%3Ahid%3A488946052%3Az%3A-600%3Ai%3A20240826000733%3Aet%3A1724666853%3Ac%3A1%3Arn%3A411736384%3Arqn%3A1%3Au%3A1724666853424750309%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A703%3Awv%3A2%3Ads%3A14%2C317%2C128%2C3%2C1%2C0%2C%2C209%2C38%2C%2C%2C%2C981%3Aco%3A0%3Acpf%3A1%3Ans%3A1724666852219%3Agi%3AR0ExLjEuNjczMzUzMzM1LjE3MjQ2NjY4NTM%3D%3Arqnl%3A1%3Ast%3A1724666853%3At%3A%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038592%29ti%281%29&redirnss=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 26-Aug-2024 10:07:33 GMT

POST
H2 200 8b9303f47c3f41af Show response
sploitus.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B58E 0
805 B 24ms
20ms XHR
text/plain 172.67.172.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b9303f47c3f41af

Requested by

Host: sploitus.com
URL: https://sploitus.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Aug 2024 10:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VbZEly%2FQpA3o6k1XL2oMvi3PwPHeMIwazue7uPTXRNfpMtmztMZr30BbJswf0FGWXCPEwtgP3dqXWPi2xMKlMxEntxyAlHK0SVd3NLiifRRY3AW7%2B9MGIdqwWMafjOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b9303f9efe041af-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 20ms
19ms XHR
text/plain 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=690305857&t=pageview&_s=1&dl=https%3A%2F%2Fsploitus.com%2Fexploit%3Fid%3DC87C2B32-A397-5974-98DB-87640D47A1D6&ul=en-us&de=UTF-8&dt=%F0%9F%92%80%20Exploit%20for%20CVE-2024-28000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=180585195&gjid=546539527&cid=673353335.1724666853&tid=UA-125861816-1&_gid=1457057766.1724666853&_r=1&gtm=457e48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1490570316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 10:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sploitus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 metrika_match.html
mc.yandex.ru/metrika/ Frame 26BC 0
0 706ms
144ms Document
text/html 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/metrika_match.html

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Mon, 26 Aug 2024 10:07:34 GMT
etag: "66cc3ef9-416"
expires: Mon, 26 Aug 2024 11:07:34 GMT
last-modified: Mon, 26 Aug 2024 08:38:17 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10473.G7ZtZA8xX8dM00W7WAkkoy-PPiVewBTtKI9X-AraF05s8gXcRh5mGXyyiTricoaS.qo81zEAbBaJA-cs1JZjb7Y3aU8c%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10473.HPri6cm8xqiExMMSzsVRdJKxup0apBJwJ4Jg2e2LA8fbkA4DBILBuiRSe13PT3eDF_t5UZS3A7nXqJ0mcFwGRcYfFO2PYm39SgzyWHoYQk_WHw1s9qQCxzM3WTDAV63WFW4dAJhB...

43 B
532 B

135ms
134ms

Image
image/gif

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10473.HPri6cm8xqiExMMSzsVRdJKxup0apBJwJ4Jg2e2LA8fbkA4DBILBuiRSe13PT3eDF_t5UZS3A7nXqJ0mcFwGRcYfFO2PYm39SgzyWHoYQk_WHw1s9qQCxzM3WTDAV63WFW4dAJhBT_Ltfe2lUGd9DcG1LMaOi83NOxjVC3HWSSP9fsO-YoEMsotsxwEHeqAaRWgFVKMpHAIYxELteB8VJXJNEHFsdURboytE0MGw8-I%2C.ybNluH6yNq1qO1iXD1pxnd7spQI%2C

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:35 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10473.HPri6cm8xqiExMMSzsVRdJKxup0apBJwJ4Jg2e2LA8fbkA4DBILBuiRSe13PT3eDF_t5UZS3A7nXqJ0mcFwGRcYfFO2PYm39SgzyWHoYQk_WHw1s9qQCxzM3WTDAV63WFW4dAJhBT_Ltfe2lUGd9DcG1LMaOi83NOxjVC3HWSSP9fsO-YoEMsotsxwEHeqAaRWgFVKMpHAIYxELteB8VJXJNEHFsdURboytE0MGw8-I%2C.ybNluH6yNq1qO1iXD1pxnd7spQI%2C
strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 10:07:35 GMT
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10473.6tYHmQGGJwy_V5Lpek8ITE9ifMgJCrlIyV8rnf0TmH65pLdEzHSuLsKh3OtTIE_t.U9PPnWzO_SJbSkfXFJYK18Ai5t0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10473.67pQhUoxnjCijaqKe9KH2wV2ii_qemPKdbG8FGCISPCH-t8topihudJVSvzcAgHziEnzbRgaMXSgCSxvmoMnWG41PSPThbkb2ywGq7YtGC7clve0tXRnFmnMIf3SQmc-uaROIIjqDD...

43 B
492 B

128ms
127ms

Image
image/gif

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10473.67pQhUoxnjCijaqKe9KH2wV2ii_qemPKdbG8FGCISPCH-t8topihudJVSvzcAgHziEnzbRgaMXSgCSxvmoMnWG41PSPThbkb2ywGq7YtGC7clve0tXRnFmnMIf3SQmc-uaROIIjqDDkDJ1PK9tX6bY-AnyfyCi4oBBUrGSt24nb5IYvCu_eUPgaI2ESDAT0q53WrSWfLHxIgsrg_0PZI6K4vTG9oxfRWrr_tNRTTZ0A%2C.E2iEwuLGm0vcj44FtrPeu9Ymidc%2C

Requested by

Host: sploitus.com
URL: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:34 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10473.67pQhUoxnjCijaqKe9KH2wV2ii_qemPKdbG8FGCISPCH-t8topihudJVSvzcAgHziEnzbRgaMXSgCSxvmoMnWG41PSPThbkb2ywGq7YtGC7clve0tXRnFmnMIf3SQmc-uaROIIjqDDkDJ1PK9tX6bY-AnyfyCi4oBBUrGSt24nb5IYvCu_eUPgaI2ESDAT0q53WrSWfLHxIgsrg_0PZI6K4vTG9oxfRWrr_tNRTTZ0A%2C.E2iEwuLGm0vcj44FtrPeu9Ymidc%2C
strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 10:07:34 GMT
x-xss-protection: 1; mode=block

POST
H3 204 rum Show response
sploitus.com/cdn-cgi/ 0
174 B 10ms
8ms XHR
text/plain 2606:4700:3032::ac43:ac2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ac2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 26 Aug 2024 10:07:35 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sploitus.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b9304054a5341b5-EWR

GET
H3 200 favicon.ico
sploitus.com/static/images/ 15 KB
2 KB 125ms
125ms Other
image/vnd.microsoft.icon 2606:4700:3032::ac43:ac2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sploitus.com/static/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ac2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0254a69304bf58b7aecbeca80519dbd9e42de97c37a30e356eaa8c93336d38a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sploitus.com/exploit?id=C87C2B32-A397-5974-98DB-87640D47A1D6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 10:07:35 GMT
content-security-policy: default-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 May 2020 18:37:10 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvHXpN07JDNn%2BcxuAydLT9jzxd6H4CWLqC7HtmATkUG6sujEbsehjpwFbl4GtUipueL3Qe5rxMWzPMKvM0iYTDlbFX46pUkl2IJhaF0R55mu1hBKSC%2FPpoQLLyqLB5UaXwgsQfXEg70sakI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8b9304055a5441b5-EWR
priority: u=1,i
expires: Tue, 23 Jul 2024 13:59:21 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sploitus.com/	1970-01-21 08:40:26	Name: _ga_MEMT0D846W Value: GS1.1.1724666853.1.0.1724666853.60.0.0
.sploitus.com/	1970-01-21 07:50:02	Name: _ym_uid Value: 1724666853424750309
.sploitus.com/	1970-01-21 07:50:02	Name: _ym_d Value: 1724666853
.sploitus.com/	1970-01-21 08:40:26	Name: _ga Value: GA1.2.673353335.1724666853
.sploitus.com/	1970-01-20 23:05:53	Name: _gid Value: GA1.2.1457057766.1724666853
.sploitus.com/	1970-01-20 23:04:26	Name: _gat_gtag_UA_125861816_1 Value: 1
.sploitus.com/	1970-01-21 07:50:02	Name: cf_clearance Value: rdb0rXBTM0kg_OqkuTKbGAfgaVsBoWbVPCHxzFL9s7I-1724666853-1.2.1.1-n5B3dsiBPAdaAxvTCZTy77FtugWSxaMQLYXSEGlmX0sGumOy4oWBTZpNtr6YWf8HvBHdXqPx5TheG8eKmVydpDmZDxVVBFpLLWQUFuQ0VziVE0Vrr.PwcT7jNy5H7gm1s5bzjYRq_ZIZOxeWa8ZUT0NvTLtf91DNqqQgL2DoKbUhdIxKyrEIl5zpuFcRuW5gfqoFBNSnrydh57YPHXWv87KpWZdKyIBKExF1gb9M682pP.8txxfP7FYntQfZxqTfWOyunHPfu78VZyw.4YUfGSbUcBjkmY125P5KD0Xbw3GAuY0P_S8sQ2L6MXHiThNfnq8kSoA49FOoLtog4ecX2uRj0ip4YEcUm5FBm5Q_.QVZ_TBSZfucPgQe1HVQdx4U
.doubleclick.net/	1970-01-20 23:04:27	Name: test_cookie Value: CheckForPermission
.yandex.ru/	1970-01-21 07:50:02	Name: ymex Value: 1756202853.yrts.1724666853#1756202853.yrtsi.1724666853
.yandex.ru/	1970-01-21 07:50:02	Name: receive-cookie-deprecation Value: 1
.sploitus.com/	1970-01-20 23:05:38	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2287054301724666853
.yandex.ru/	1970-01-21 07:50:02	Name: yuidss Value: 2137265211724666853
.yandex.ru/	1970-01-21 08:40:26	Name: bh Value: KgI/MGDmp7G2Bg==
.mc.yandex.com/	1970-01-20 23:04:27	Name: sync_cookie_csrf Value: 2441690042fake
.yandex.ru/	1970-01-21 08:40:26	Name: i Value: MnUHeV+5fNhCmpEYF+nKSzqQUfa8JJSrtryASmfiwSwtI8cPg2ZeXDaQIX6VnWCz2PvPRExEFOK0p6lCfz3W1FqUPIA=
.yandex.ru/	1970-01-21 08:40:26	Name: yandexuid Value: 1860368701724666854
.yandex.ru/	1970-01-21 07:50:02	Name: yashr Value: 2742795611724666854
.yandex.com/	1970-01-21 08:40:26	Name: yandexuid Value: 2137265211724666853
.yandex.com/	1970-01-21 08:40:26	Name: yuidss Value: 2137265211724666853
.yandex.com/	1970-01-21 08:40:26	Name: i Value: QntUCHsmb2VNKjPuTWRkW0/9+lgnVHsktBEH9yiTWUw2ZpiJCorc6GEPH5O/62eBTrnAAlR7o/nFn0JQtj9ZgXo4gxA=
.mc.yandex.com/	1970-01-20 23:05:53	Name: sync_cookie_ok Value: synced
.mc.webvisor.org/	1970-01-20 23:04:27	Name: sync_cookie_csrf Value: 231925003fake
.mc.yandex.ru/	1970-01-20 23:04:27	Name: sync_cookie_csrf Value: 791216876fake
.webvisor.org/	1970-01-21 08:40:26	Name: yandexuid Value: 1860368701724666854
.webvisor.org/	1970-01-21 08:40:26	Name: yuidss Value: 1860368701724666854
.webvisor.org/	1970-01-21 08:40:26	Name: i Value: MnUHeV+5fNhCmpEYF+nKSzqQUfa8JJSrtryASmfiwSwtI8cPg2ZeXDaQIX6VnWCz2PvPRExEFOK0p6lCfz3W1FqUPIA=
.mc.webvisor.org/	1970-01-20 23:05:53	Name: sync_cookie_ok Value: synced

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.jsdelivr.net
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
sploitus.com
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
104.16.79.73
142.250.65.174
142.251.16.156
142.251.32.104
142.251.32.98
151.101.129.229
172.67.172.46
216.239.38.181
2606:4700:3032::ac43:ac2e
77.88.21.119
87.250.250.119
0254a69304bf58b7aecbeca80519dbd9e42de97c37a30e356eaa8c93336d38a9
08d784709120b735edbfd3bdb60b8508075c46dcec65f36710c1f516c7be8e9c
3a263e2fcf08d6184619dd7e66bad52758dfe921d2ae674a5978b9d724390b1a
41238ea8c3374ccdc80da26657bd3167ddd4e72a36423b745ad0f070cded8d4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e9c51b9be30bdbd2fb8da753aa7758cff5e23e398e2d318bc36f7d0b78d8c7f
7f9c1e5d34f1bf0bb9507df54f5f8dab41f492cf6fee6af8704d3aad3f693cf9
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
972352fc965fbd537fc151fa72d4864d5cbb954800bdd36c61fb61e9d258f7b7
9a0730e2a5de19a1cfaf4063f085f751af5791b1dea06cde7a8b620f2f6f0d4a
a9e00172d5f0daca264a56d1d78ba625534b3246e57808e00f0c05dbe720d075
b04045d3f9083511d5f0568a334eacf3715824288cb370f70115470307009cd4
cbb4322cba581b3f67e4054899cb56a1fea1041a3e7170c280bf450941108d4e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6ca075ab66a720219968236dbd84728a67ac2f33965b527ea5a26f261bfc121

sploitus.com Open in urlscan Pro 172.67.172.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

9 %IPv6

10 Domains

11 Subdomains

11 IPs

3 Countries

331 kBTransfer

899 kBSize

28 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

28 Cookies

Security Headers

Indicators

sploitus.com Open in urlscan Pro
172.67.172.46 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

9 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

331 kB
Transfer

899 kB
Size

28
Cookies

24 HTTP transactions
0 data transactions