blog.mikrotik.com Open in urlscan Pro
2a02:610:7501:1000::195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.mikrotik.com/security/winbox-vulnerability.html
Submission: On September 04 via api (September 4th 2019, 8:37:56 pm UTC) from US

Summary HTTP 17 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 17 HTTP transactions. The main IP is 2a02:610:7501:1000::195, located in Latvia and belongs to AS_MIKROTIKLS, LV. The main domain is blog.mikrotik.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 31st 2019. Valid for: 3 months.

This is the only time blog.mikrotik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a02:610:7501... 2a02:610:7501:1000::195	51894 (AS_MIKROT...) (AS_MIKROTIKLS)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a02:610:7501... 2a02:610:7501:3000::226	51894 (AS_MIKROT...) (AS_MIKROTIKLS)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
17	7

6 2a02:610:7501:1000::195 (Latvia)

ASN51894 (AS_MIKROTIKLS, LV)

blog.mikrotik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:610:7501:3000::226 (Latvia)

ASN51894 (AS_MIKROTIKLS, LV)

i.mt.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mikrotik.com blog.mikrotik.com	648 KB
5	mt.lv i.mt.lv	68 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	185 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	166 B
1	googletagmanager.com www.googletagmanager.com	26 KB
1	googleapis.com fonts.googleapis.com	714 B
17	9

	Domain	Requested by
6	blog.mikrotik.com	blog.mikrotik.com
5	i.mt.lv	blog.mikrotik.com
2	fonts.gstatic.com	blog.mikrotik.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.google.de	blog.mikrotik.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	blog.mikrotik.com
1	fonts.googleapis.com	blog.mikrotik.com
17	9

This site contains links to these domains. Also see Links.

Domain
mikrotik.com
wiki.mikrotik.com
www.facebook.com
twitter.com
www.youtube.com
forum.mikrotik.com

Subject Issuer	Validity	Valid
blog.mikrotik.com Let's Encrypt Authority X3	`2019-07-31` - `2019-10-29`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
mt.lv Let's Encrypt Authority X3	`2019-07-13` - `2019-10-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blog.mikrotik.com/security/winbox-vulnerability.html
Frame ID: 0C534F44B5EABB2D1CA497BB3DE9FC64
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

786 kB
Transfer

1083 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://mikrotik.com/
Title: MikroTik.com

Search URL Search Domain Scan URL

URL: https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router
Title: add firewall according to our guidelines

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mikrotik
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/mikrotik_com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/mikrotik
Title: Youtube

Search URL Search Domain Scan URL

URL: https://forum.mikrotik.com/
Title: MikroTik forum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1108196402&t=pageview&_s=1&dl=https%3A%2F%2Fblog.mikrotik.com%2Fsecurity%2Fwinbox-vulnerability.html&ul=en-us&de=UTF-8&dt=MikroTik%20blog%20-%20CVE-2018-14847%20winbox%20vulnerability&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=952588533&gjid=461344963&cid=1374653501.1567629461&tid=UA-51398566-10&_gid=182403029.1567629461&_r=1&gtm=2ou8l2&z=1538649901 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_gid=182403029.1567629461&gjid=461344963&_v=j79&z=1538649901 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901&slf_rd=1&random=3677954915

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set winbox-vulnerability.html Show response
blog.mikrotik.com/security/ 18 KB
5 KB 169ms
87ms Document
text/html 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.mikrotik.com/security/winbox-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: d5da3054faa8fec03d6b68f6a370b2c430e17e43fb91dbdb530ae49a38f827eb

Request headers

Host: blog.mikrotik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Server: Apache
Set-Cookie: PHPSESSID=02cromiccus7svdc0hn13b7pgs; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 4791
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 5 KB
714 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac1771ea8d65a47a2e165b6e4697ad9cacda83315b9ddffbcb2e4782c128e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 04 Sep 2019 20:37:40 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 04 Sep 2019 20:37:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Wed, 04 Sep 2019 20:37:40 GMT

GET
H/1.1 200
OK 4.1.3.min.css
i.mt.lv/css/bootstrap/ 138 KB
21 KB 234ms
85ms Stylesheet
text/css 2a02:610:7501:3000::226
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.mt.lv/css/bootstrap/4.1.3.min.css

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:610:7501:3000::226 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),

Reverse DNS

Software

nginx /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Feb 2019 14:10:03 GMT
Server: nginx
ETag: W/"5c6abcbb-22688"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK custom.css
blog.mikrotik.com/css/ 6 KB
2 KB 41ms
38ms Stylesheet
text/css 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.mikrotik.com/css/custom.css
Requested by: Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: 857cf2ae0970dc9fc9a75042fa63343f0900840a0bc44b96ca93fc5752f924d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Mar 2019 10:16:06 GMT
Server: Apache
ETag: "1989-5841f53b716bc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 1997
Expires: Wed, 11 Sep 2019 20:37:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
26 KB 24ms
21ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-51398566-10

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ad19442e29e8470d3e0545299d103225a708e87f8edcb5d4999d1c52e0f0a10

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 20:37:40 GMT
content-encoding: br
last-modified: Wed, 04 Sep 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26611
x-xss-protection: 0
expires: Wed, 04 Sep 2019 20:37:40 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
i.mt.lv/js/jquery/ 85 KB
30 KB 231ms
83ms Script
application/javascript 2a02:610:7501:3000::226
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.mt.lv/js/jquery/jquery-3.3.1.min.js

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:610:7501:3000::226 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),

Reverse DNS

Software

nginx /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Dec 2018 10:07:03 GMT
Server: nginx
ETag: W/"5c0e3ac7-1538f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4.1.3.min.js Show response
i.mt.lv/js/bootstrap/ 50 KB
14 KB 199ms
86ms Script
application/javascript 2a02:610:7501:3000::226
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.mt.lv/js/bootstrap/4.1.3.min.js

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:610:7501:3000::226 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),

Reverse DNS

Software

nginx /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Feb 2019 13:30:02 GMT
Server: nginx
ETag: W/"5c6ab35a-c75f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK scrollup-2.4.1.min.js Show response
i.mt.lv/js/jquery/ 2 KB
1 KB 39ms
38ms Script
application/javascript 2a02:610:7501:3000::226
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.mt.lv/js/jquery/scrollup-2.4.1.min.js

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:610:7501:3000::226 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),

Reverse DNS

Software

nginx /

Resource Hash

b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Feb 2019 12:35:03 GMT
Server: nginx
ETag: W/"5c73e0f7-7f3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ui-easing.unknown.min.js Show response
i.mt.lv/js/jquery/ 3 KB
1 KB 41ms
40ms Script
application/javascript 2a02:610:7501:3000::226
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.mt.lv/js/jquery/ui-easing.unknown.min.js

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:610:7501:3000::226 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),

Reverse DNS

Software

nginx /

Resource Hash

79cae730bb235a3041521278e905209e2be9f0b817dd2b8742a05dad8b1dc5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Feb 2019 12:35:03 GMT
Server: nginx
ETag: W/"5c73e0f7-cec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo.svg
blog.mikrotik.com/img/ 2 KB
3 KB 39ms
38ms Image
image/svg+xml 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.mikrotik.com/img/logo.svg
Requested by: Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: 20057448b4a1d16768394ea8edc2b8ce71adca9f4aae3143ea77f2af525565b7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Last-Modified: Tue, 29 May 2018 10:15:09 GMT
Server: Apache
ETag: "8d2-56d5582534c5d"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 2258

GET
H/1.1 200
OK vuln.jpg
blog.mikrotik.com/couch/uploads/image/ 375 KB
375 KB 79ms
39ms Image
image/jpeg 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.mikrotik.com/couch/uploads/image/vuln.jpg
Requested by: Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: 7a347def2b666595d2b075805c070dada64729d705aabee212d4225307f5b132

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:40 GMT
Last-Modified: Fri, 20 Jul 2018 06:40:57 GMT
Server: Apache
ETag: "5dab1-57168940aa8da"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=997
Content-Length: 383665
Expires: Wed, 11 Sep 2019 20:37:40 GMT

GET
H/1.1 200
OK screen-shot-2018-04-23-at-13-01-48.png
blog.mikrotik.com/couch/uploads/image/ 260 KB
260 KB 118ms
39ms Image
image/png 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.mikrotik.com/couch/uploads/image/screen-shot-2018-04-23-at-13-01-48.png
Requested by: Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: c629bdebf31cc5f47657be1e4a2f302987fc8919e1ea4e500b77e0d90e459dd3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:41 GMT
Last-Modified: Thu, 19 Jul 2018 05:51:38 GMT
Server: Apache
ETag: "40fc5-57153c5ceceb7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 266181
Expires: Wed, 11 Sep 2019 20:37:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-51398566-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6847
date: Wed, 04 Sep 2019 18:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 04 Sep 2019 20:43:33 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Origin: https://blog.mikrotik.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 13:45:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:07 GMT
server: sffe
age: 197506
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13108
x-xss-protection: 0
expires: Tue, 01 Sep 2020 13:45:54 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Origin: https://blog.mikrotik.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 09:24:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 817962
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13324
x-xss-protection: 0
expires: Tue, 25 Aug 2020 09:24:58 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1108196402&t=pageview&_s=1&dl=https%3A%2F%2Fblog.mikrotik.com%2Fsecurity%2Fwinbox-vulnerability.html&ul=en-us&de=UTF-8&dt=MikroTik%20blog%20-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_gid=182403029.1567629461&gjid=461344963&_v=j79&z=1538649901
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901&slf_rd=1&random=3677954915

42 B
109 B

33ms
32ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901&slf_rd=1&random=3677954915

Requested by

Host: blog.mikrotik.com
URL: https://blog.mikrotik.com/security/winbox-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.mikrotik.com/security/winbox-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Sep 2019 20:37:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Sep 2019 20:37:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51398566-10&cid=1374653501.1567629461&jid=952588533&_v=j79&z=1538649901&slf_rd=1&random=3677954915
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK top.png
blog.mikrotik.com/img/ 3 KB
3 KB 39ms
39ms Image
image/png 2a02:610:7501:1000::195
AS_MIKROTIKLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.mikrotik.com/img/top.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:610:7501:1000::195 , Latvia, ASN51894 (AS_MIKROTIKLS, LV),
Reverse DNS
Software: Apache /
Resource Hash: 98f55801990eb8a69c6d38835eb796fecf2e66aa1baa5025135b43cb03311e8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.mikrotik.com/css/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Sep 2019 20:37:41 GMT
Last-Modified: Tue, 29 May 2018 10:15:09 GMT
Server: Apache
ETag: "b02-56d5582534c5d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 2818
Expires: Wed, 11 Sep 2019 20:37:41 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mikrotik.com/	1970-01-19 03:28:35	Name: _gid Value: GA1.2.182403029.1567629461
.mikrotik.com/	1970-01-19 03:27:09	Name: _gat_gtag_UA_51398566_10 Value: 1
.mikrotik.com/	1970-01-19 20:58:21	Name: _ga Value: GA1.2.1374653501.1567629461
blog.mikrotik.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 02cromiccus7svdc0hn13b7pgs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.mikrotik.com
fonts.googleapis.com
fonts.gstatic.com
i.mt.lv
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2a00:1450:4001:819::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9d
2a02:610:7501:1000::195
2a02:610:7501:3000::226
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ad19442e29e8470d3e0545299d103225a708e87f8edcb5d4999d1c52e0f0a10
20057448b4a1d16768394ea8edc2b8ce71adca9f4aae3143ea77f2af525565b7
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79cae730bb235a3041521278e905209e2be9f0b817dd2b8742a05dad8b1dc5aa
7a347def2b666595d2b075805c070dada64729d705aabee212d4225307f5b132
857cf2ae0970dc9fc9a75042fa63343f0900840a0bc44b96ca93fc5752f924d3
89ac1771ea8d65a47a2e165b6e4697ad9cacda83315b9ddffbcb2e4782c128e6
98f55801990eb8a69c6d38835eb796fecf2e66aa1baa5025135b43cb03311e8a
b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c
c629bdebf31cc5f47657be1e4a2f302987fc8919e1ea4e500b77e0d90e459dd3
d5da3054faa8fec03d6b68f6a370b2c430e17e43fb91dbdb530ae49a38f827eb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

blog.mikrotik.com Open in urlscan Pro 2a02:610:7501:1000::195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

9 Domains

9 Subdomains

7 IPs

3 Countries

786 kBTransfer

1083 kBSize

4 Cookies

6 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

4 Cookies

Indicators

blog.mikrotik.com Open in urlscan Pro
2a02:610:7501:1000::195 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

786 kB
Transfer

1083 kB
Size

4
Cookies

17 HTTP transactions
0 data transactions