urlscan.io logo urlscan.io
SecurityTrails logo

blog.mikrotik.com Open in urlscan Pro
2a02:610:7501:1000::195  Public Scan

Go To Rescan Add Verdict Report
URL: https://blog.mikrotik.com/security/meris-botnet.html
Submission: On February 16 via manual from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2a02:610:7501:1000::195, located in Latvia and belongs to AS_MIKROTIKLS, LV. The main domain is blog.mikrotik.com.
TLS certificate: Issued by R3 on January 15th 2023. Valid for: 3 months.
This is the only time blog.mikrotik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a02:610:7501:1000::195 (Latvia)

ASN51894 (AS_MIKROTIKLS, LV)
blog.mikrotik.com
1    2607:f8b0:4006:817::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    159.148.172.231 (Latvia)

ASN51894 (AS_MIKROTIKLS, LV)
i.mt.lv
1    2607:f8b0:4006:81f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:80b::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
5 mt.lv
i.mt.lv — Cisco Umbrella Rank: 563348
279 KB
4 mikrotik.com
blog.mikrotik.com
36 KB
3 gstatic.com
fonts.gstatic.com
38 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
348 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
18 8
Domain Requested by
5 i.mt.lv blog.mikrotik.com
4 blog.mikrotik.com blog.mikrotik.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com blog.mikrotik.com
1 fonts.googleapis.com blog.mikrotik.com
18 8

This site contains links to these domains. Also see Links.

Domain
mikrotik.com
blog.qrator.net
www.facebook.com
twitter.com
www.youtube.com
forum.mikrotik.com
Subject Issuer Validity Valid
blog.mikrotik.com
R3		 2023-01-15 -
2023-04-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
mt.lv
R3		 2022-12-23 -
2023-03-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://blog.mikrotik.com/security/meris-botnet.html
Frame ID: DFE6619972DF6B4C6E9988600C12E7B1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MikroTik blog - MÄ“ris botnetSearchSearchFacebookTwitterYoutubeMikroTik forum

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

418 kB
Transfer

531 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request meris-botnet.html
blog.mikrotik.com/security/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.mikrotik.com/security/meris-botnet.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
Apache /
Resource Hash
05b9ef5fbb899aa12a90ba796351973924c098f3cb1cc1cde1196a4b623f09c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
5521
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Feb 2023 17:06:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=1000
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 17:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:45:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 17:06:25 GMT
4.1.3.min.css
i.mt.lv/css/bootstrap/ 		138 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.mt.lv/css/bootstrap/4.1.3.min.css
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.148.172.231 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 09:44:33 GMT
server
nginx
etag
"5dee1781-22688"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
140936
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.css
blog.mikrotik.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.mikrotik.com/css/custom.css
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
Apache /
Resource Hash
857cf2ae0970dc9fc9a75042fa63343f0900840a0bc44b96ca93fc5752f924d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/security/meris-botnet.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 17:06:24 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2019 10:16:06 GMT
Server
Apache
ETag
"1989-5841f53b716bc-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=999
Content-Length
1997
Expires
Thu, 23 Feb 2023 17:06:24 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51398566-10
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58f043020c836455163c8110753732d4998fa214139bec43250fc6f9ce6b4427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44098
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Feb 2023 17:06:25 GMT
jquery-3.3.1.min.js
i.mt.lv/js/jquery/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.mt.lv/js/jquery/jquery-3.3.1.min.js
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.148.172.231 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 09:44:33 GMT
server
nginx
etag
"5dee1781-1538f"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
86927
expires
Thu, 31 Dec 2037 23:55:55 GMT
4.1.3.min.js
i.mt.lv/js/bootstrap/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.mt.lv/js/bootstrap/4.1.3.min.js
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.148.172.231 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
nginx /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 09:44:33 GMT
server
nginx
etag
"5dee1781-c75f"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
51039
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollup-2.4.1.min.js
i.mt.lv/js/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.mt.lv/js/jquery/scrollup-2.4.1.min.js
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.148.172.231 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
nginx /
Resource Hash
b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 09:44:33 GMT
server
nginx
etag
"5dee1781-7f3"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2035
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui-easing.unknown.min.js
i.mt.lv/js/jquery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.mt.lv/js/jquery/ui-easing.unknown.min.js
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.148.172.231 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
nginx /
Resource Hash
79cae730bb235a3041521278e905209e2be9f0b817dd2b8742a05dad8b1dc5aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 09:44:33 GMT
server
nginx
etag
"5dee1781-cec"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3308
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
blog.mikrotik.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.mikrotik.com/img/logo.svg
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
Apache /
Resource Hash
20057448b4a1d16768394ea8edc2b8ce71adca9f4aae3143ea77f2af525565b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/security/meris-botnet.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 17:06:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 29 May 2018 10:15:09 GMT
Server
Apache
ETag
"8d2-56d5582534c5d"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=998
Content-Length
2258
warningbanner.jpg
blog.mikrotik.com/couch/uploads/image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.mikrotik.com/couch/uploads/image/warningbanner.jpg
Requested by
Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/meris-botnet.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software
Apache /
Resource Hash
9de9c99a0ff62aee32902aa3d12d19005bc5ca25b98780a03574407f9164718b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/security/meris-botnet.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 17:06:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 09 Oct 2018 06:30:29 GMT
Server
Apache
ETag
"6407-577c5dfc35357"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=997
Content-Length
25607
Expires
Thu, 23 Feb 2023 17:06:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-51398566-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Feb 2023 16:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1142
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 16 Feb 2023 18:47:24 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.mikrotik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 07:22:01 GMT
x-content-type-options
nosniff
age
121465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 07:22:01 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.mikrotik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:34:17 GMT
x-content-type-options
nosniff
age
156729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 21:34:17 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51fc350bb83c998a124f1bb756b38cc218912b1f2952e6f1c755c1a13da69f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.mikrotik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 03:57:44 GMT
x-content-type-options
nosniff
age
133722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11696
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:13:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 03:57:44 GMT
collect
www.google-analytics.com/j/ 		2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=29910517&t=pageview&_s=1&dl=https%3A%2F%2Fblog.mikrotik.com%2Fsecurity%2Fmeris-botnet.html&ul=en-us&de=UTF-8&dt=MikroTik%20blog%20-%20M%C4%93ris%20botnet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1037779321&gjid=177975405&cid=1931879119.1676567186&tid=UA-51398566-10&_gid=145788319.1676567186&_r=1&gtm=457e32f0&z=884656116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.mikrotik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.mikrotik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51398566-10&cid=1931879119.1676567186&jid=1037779321&gjid=177975405&_gid=145788319.1676567186&_u=YEBAAUAAAAAAACAAI~&z=2023296159
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.mikrotik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.mikrotik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51398566-10&cid=1931879119.1676567186&jid=1037779321&_u=YEBAAUAAAAAAACAAI~&z=306975680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.mikrotik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 17:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| bootstrap object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
blog.mikrotik.com/ Name: PHPSESSID
Value: nudgdqrb7evdvs3vc7f9ggt7b5
.mikrotik.com/ Name: _ga
Value: GA1.2.1931879119.1676567186
.mikrotik.com/ Name: _gid
Value: GA1.2.145788319.1676567186
.mikrotik.com/ Name: _gat_gtag_UA_51398566_10
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.mikrotik.com
fonts.googleapis.com
fonts.gstatic.com
i.mt.lv
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
159.148.172.231
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80e::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::2008
2a02:610:7501:1000::195
05b9ef5fbb899aa12a90ba796351973924c098f3cb1cc1cde1196a4b623f09c2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20057448b4a1d16768394ea8edc2b8ce71adca9f4aae3143ea77f2af525565b7
51fc350bb83c998a124f1bb756b38cc218912b1f2952e6f1c755c1a13da69f04
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58f043020c836455163c8110753732d4998fa214139bec43250fc6f9ce6b4427
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79cae730bb235a3041521278e905209e2be9f0b817dd2b8742a05dad8b1dc5aa
857cf2ae0970dc9fc9a75042fa63343f0900840a0bc44b96ca93fc5752f924d3
9de9c99a0ff62aee32902aa3d12d19005bc5ca25b98780a03574407f9164718b
b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629