mksben.l0.cm
2a00:1450:4001:821::2013
Public Scan
Effective URL: https://mksben.l0.cm/2020/10/discord-desktop-rce.html
Submission: On October 19 via manual from NO
Summary
TLS certificate: Issued by GTS CA 1D2 on August 26th 2020. Valid for: 3 months.
This is the only time mksben.l0.cm was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS (Autonomous System) |
---|---|---|
1 | 2a03:2880:f01c:800e:face:b00c:0:2 | 32934 (FACEBOOK) |
2 | 2a00:1450:4001:821::2013 | 15169 (GOOGLE) |
9 (1 redirects) | 2a00:1450:4001:816::2009 | 15169 (GOOGLE) |
2 | 3.214.245.1 | 14618 (AMAZON-AES) |
2 | 2a00:1450:4001:821::2009 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:81d::2001 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:803::2001 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:803::200e | 15169 (GOOGLE) |
1 (1 redirects) | 2a00:1450:4001:81e::200d | 15169 (GOOGLE) |
21 | 10 |
- ASN15169 (GOOGLE, US): www.blogger.com, www.blogblog.com
- ASN14618 (AMAZON-AES, US), PTR: ec2-3-214-245-1.compute-1.amazonaws.com: speakerdeck.com
- ASN15169 (GOOGLE, US): resources.blogblog.com
- ASN15169 (GOOGLE, US): lh3.googleusercontent.com
- ASN15169 (GOOGLE, US): themes.googleusercontent.com
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | blogger.com (1 redirects) | www.blogger.com | 71 KB |
3 | blogblog.com | resources.blogblog.com www.blogblog.com | 245 KB |
2 | gstatic.com | fonts.gstatic.com | 31 KB |
2 | googleusercontent.com | lh3.googleusercontent.com themes.googleusercontent.com | 3 KB |
2 | speakerdeck.com | speakerdeck.com | 3 KB |
2 | l0.cm | mksben.l0.cm | 22 KB |
1 | google.com (1 redirects) | accounts.google.com | 472 B |
1 | youtube.com | www.youtube.com | |
1 | messenger.com | l.messenger.com | 1 KB |
21 | 9 |
Count | Domain | Requested by |
---|---|---|
8 | www.blogger.com (1 redirects) | mksben.l0.cm www.blogger.com |
2 | fonts.gstatic.com | mksben.l0.cm |
2 | resources.blogblog.com | mksben.l0.cm |
2 | speakerdeck.com | mksben.l0.cm speakerdeck.com |
2 | mksben.l0.cm | l.messenger.com mksben.l0.cm |
1 | accounts.google.com (1 redirects) | |
1 | www.youtube.com | mksben.l0.cm |
1 | www.blogblog.com | mksben.l0.cm |
1 | themes.googleusercontent.com | mksben.l0.cm |
1 | lh3.googleusercontent.com | mksben.l0.cm |
1 | l.messenger.com | |
21 | 11 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-09-11 - 2020-12-10 | 3 months |
mksben.l0.cm | GTS CA 1D2 | 2020-08-26 - 2020-11-24 | 3 months |
*.blogger.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
speakerdeck.com | Let's Encrypt Authority X3 | 2020-09-15 - 2020-12-14 | 3 months |
*.googleusercontent.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
*.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
This page contains 5 frames:
Primary Page:
https://mksben.l0.cm/2020/10/discord-desktop-rce.html
Frame ID: B51B9FA311A81D5F0E8547B2C8FC93F2
Requests: 17 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/0f3RrvC-zGI
Frame ID: 01FE58599145B05AA412C5CB29FAEABD
Requests: 1 HTTP requests in this frame
Frame:
https://www.blogger.com/comment-iframe.g?blogID=3090823890722032925&postID=6054437144226106686&blogspotRpcToken=6377732
Frame ID: BB4318C645E117ECF52138263F1741B9
Requests: 1 HTTP requests in this frame
Frame:
https://www.blogger.com/comment-iframe.g?blogID=3090823890722032925&postID=6054437144226106686&blogspotRpcToken=6377732&bpli=1
Frame ID: 01D5D419CD3EEB7DF784F7B1506C16EC
Requests: 1 HTTP requests in this frame
Frame:
https://speakerdeck.com/player/ad6409b826fc4f0ea457b2676fc61f16
Frame ID: 0BBC02E6656F081DA5369A50830C84B6
Requests: 1 HTTP requests in this frame
Detected technologies
Blogger (Blogs)
Detected patterns
- meta generator /^Blogger$/i
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Python (Programming Languages)
Detected patterns
- meta generator /^Blogger$/i
Page Statistics
47 Outgoing links
These are links going to different origins than the main page.
Title: @kinugawamasato
Title: Discord
Title: Bug Bounty Program
Title: BrowserWindow API
Title: Electron's internal JavaScript code on the renderer
Title: https://drive.google.com/file/d/1LSsD9gzOejmQ2QipReyMXwr_M0Mg1GMH/view
Title: I introduced
Title: https://github.com/moxystudio/node-cross-spawn/blob/16feb534e818668594fd530b113a028c0c06bddc/lib/parse.js#L36
Title: https://github.com/moxystudio/node-cross-spawn/blob/16feb534e818668594fd530b113a028c0c06bddc/lib/parse.js#L55
Title: OGP
Title: sketchfab.com
Title: https://l0.cm/discord_rce_og.html
Title: Sketchfab's Bug Bounty Program
Title: Electron's security team
Title: https://github.com/electron/electron/security/advisories/GHSA-2q4g-w47c-4674
Title:
Title: Email This
Title: BlogThis!
Title: Share to Twitter
Title: Share to Facebook
Title: Share to Pinterest
Title: Unknown
Title: Delete
Title: Pat
Title: Delete
Title: Helen
Title: Delete
Title: Rotten194
Title: Delete
Title: Bluetooth Module Manufactury
Title: Delete
Title: Feasycom
Title: Delete
Title: Bluetooth Modules
Title: WiFi Modules
Title: Beacons
Title: Development Board
Title: Bluetooth Adapter
Title: Delete
Title: joiwrwerwer
Title: Delete
Title:
Title: Ollustrator
Title: Blogger
Title:
Title: Weitere Informationen
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://l.messenger.com/l.php?u=https%3A%2F%2Fmksben.l0.cm%2F2020%2F10%2Fdiscord-desktop-rce.html&h=AT0-7nHoba_87qyWsPyuOQrUVnHmug_gJSciYcLU2-uOTWk1PgAeoawONXz-YQBzlzRd1WTp8OVwT2wbHwu9j6IvlQZU9cVOgfaN3W6dobsCw9-co-sZ4tc8JkbVyjeFhZbcQlPHJgCth7AgJSs Page URL
- https://mksben.l0.cm/2020/10/discord-desktop-rce.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://www.blogger.com/comment-iframe.g?blogID=3090823890722032925&postID=6054437144226106686&blogspotRpcToken=6377732 HTTP 302
- https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D3090823890722032925%26postID%3D6054437144226106686%26blogspotRpcToken%3D6377732%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3090823890722032925%26postID%3D6054437144226106686%26blogspotRpcToken%3D6377732%26bpli%3D1&passive=true&go=true HTTP 302
- https://www.blogger.com/comment-iframe.g?blogID=3090823890722032925&postID=6054437144226106686&blogspotRpcToken=6377732&bpli=1
21 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | l.php | l.messenger.com/ | 249 B | 1 KB | Document | text/html | |
GET | H2 | discord-desktop-rce.html | mksben.l0.cm/2020/10/ | 86 KB | 20 KB | Document | text/html | Primary Request |
GET | H2 | 3416767676-css_bundle_v2.css | www.blogger.com/static/v1/widgets/ | 36 KB | 8 KB | Stylesheet | text/css | |
GET | H/1.1 | embed.js | speakerdeck.com/assets/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H3-Q050 | authorization.css | www.blogger.com/dyn-css/ | 1 B | 646 B | Stylesheet | text/css | |
GET | H2 | icon18_edit_allbkg.gif | resources.blogblog.com/img/ | 162 B | 527 B | Image | image/gif | |
GET | H2 | zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=s35 | lh3.googleusercontent.com/ | 2 KB | 2 KB | Image | image/png | |
GET | H3-Q050 | 1068921344-comment_from_post_iframe.js | www.blogger.com/static/v1/jsbin/ | 13 KB | 5 KB | Script | text/javascript | |
GET | H2 | icon18_wrench_allbkg.png | resources.blogblog.com/img/ | 475 B | 594 B | Image | image/png | |
GET | H2 | cookienotice.js | mksben.l0.cm/js/ | 6 KB | 2 KB | Script | text/javascript | |
GET | H3-Q050 | 104323843-widgets.js | www.blogger.com/static/v1/widgets/ | 141 KB | 51 KB | Script | text/javascript | |
GET | H2 | image | themes.googleusercontent.com/ | 528 B | 967 B | Image | image/png | |
GET | H2 | bg_container.png | www.blogblog.com/1kt/travel/ | 244 KB | 244 KB | Image | image/png | |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v20/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v20/ | 15 KB | 16 KB | Font | font/woff2 | |
GET | H2 | 0f3RrvC-zGI | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame 01FE |
GET | H3-Q050 | share_buttons_20_3.png | www.blogger.com/img/ | 5 KB | 5 KB | Image | image/png | |
GET | | comment-iframe.g | www.blogger.com/ | 0 | 0 | | | Frame BB43 |
GET | H3-Q050 | comment-iframe.g | www.blogger.com/ | 0 | 0 | Document | text/html | Frame 01D5, Redirect Chain |
GET | H3-Q050 | authorization.css | www.blogger.com/dyn-css/ | 1 B | 69 B | Stylesheet | text/css | |
GET | H/1.1 | ad6409b826fc4f0ea457b2676fc61f16 | speakerdeck.com/player/ | 0 | 0 | Document | text/html | Frame 0BBC, Cookie set |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.blogger.com
- URL
- https://www.blogger.com/comment-iframe.g?blogID=3090823890722032925&postID=6054437144226106686&blogspotRpcToken=6377732
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| adsbygoogle object| goog function| BLOG_CMT_createIframe function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.youtube.com/ | | YSC | q8ptwqDvOIA |
.blogger.com/ | | S | blogger=zfIMVovstX_jD2dM402dmxrbESqTg3sZuT_JgxP5mYI |
.youtube.com/ | | VISITOR_INFO1_LIVE | 1TlNPwJldEs |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src messenger.com *.messenger.com facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob:;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.messenger.com;style-src data: blob: 'unsafe-inline' messenger.com *.messenger.com facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm *.messenger.com wss://*.messenger.com:*;font-src *.messenger.com *.facebook.com https://*.fbcdn.net data:;report-uri https://www.facebook.com/csp/reporting/?m=c; |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.