The night thinking.
I've discovery a worst method to probe wepawet.com object and plugin versioning (is this intended as information disclosure vulnerability?) . From their result about my post for analyse the url 15mm.it, I've seen some variable ,used by the exploiter (j.js from previous post) , with value that usually are not sandbox related.
Can an attacker use this info for, theoretically, exploiting wepawet ? I hope no
Feedback are welcome.