cwe.mitre.org Open in urlscan Pro
198.49.146.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cwe.mitre.org/data/definitions/937.html
Effective URL:
https://cwe.mitre.org/data/definitions/937.html
Submission: On December 15 via api (December 15th 2023, 2:42:19 pm UTC) from GB — Scanned from GB

Summary HTTP 36 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 36 HTTP transactions. The main IP is 198.49.146.205, located in United States and belongs to MITRE-AS-1, US. The main domain is cwe.mitre.org. The Cisco Umbrella rank of the primary domain is 512670.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 27th 2023. Valid for: a year.

This is the only time cwe.mitre.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	198.49.146.205 198.49.146.205	35 (MITRE-AS-1) (MITRE-AS-1)
1	2600:9000:211... 2600:9000:211e:7e00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
36	4

34 198.49.146.205 (United States) 1 redirects

ASN35 (MITRE-AS-1, US)

cwe.mitre.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7e00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mitre.org 1 redirects cwe.mitre.org — Cisco Umbrella Rank: 512670	461 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 587	17 KB
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 4989	85 KB
36	3

	Domain	Requested by
34	cwe.mitre.org	1 redirects cwe.mitre.org
1	ssl.google-analytics.com	cmp.osano.com
1	cmp.osano.com	cwe.mitre.org
36	3

This site contains links to these domains. Also see Links.

Domain
www.mail-archive.com
twitter.com
mastodon.social
www.linkedin.com
www.youtube.com
medium.com
www.owasp.org
www.mitre.org
www.dhs.gov

Subject Issuer	Validity	Valid
msm.mitre.org Entrust Certification Authority - L1K	`2023-02-27` - `2024-03-27`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cwe.mitre.org/data/definitions/937.html
Frame ID: 17918AF88BA6B98B97190A29B1F0878B
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CWE - CWE-937: OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities (4.13)

Page URL History Show full URLs

http://cwe.mitre.org/data/definitions/937.html HTTP 302
https://cwe.mitre.org/data/definitions/937.html Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

563 kB
Transfer

776 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mail-archive.com/cwe-research-list@mitre.org/
Title: Discussion Archives

Search URL Search Domain Scan URL

URL: https://twitter.com/CweCapec
Title: X (formerly Twitter)

Search URL Search Domain Scan URL

URL: https://mastodon.social/@CWE_Program
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/cve-cwe-capec
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpY9VIpRmFK4ebD6orssifA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://medium.com/@CWE_CAPEC
Title: Medium

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities
Title: https://www.owasp.org/index.php/Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities

Search URL Search Domain Scan URL

URL: http://www.mitre.org/

Search URL Search Domain Scan URL

URL: https://www.dhs.gov/
Title: U.S. Department of Homeland Security

Search URL Search Domain Scan URL

URL: https://www.dhs.gov/cisa/cybersecurity-division
Title: Cybersecurity and Infrastructure Security Agency

Search URL Search Domain Scan URL

URL: https://www.dhs.gov/science-and-technology/hssedi
Title: Homeland Security Systems Engineering and Development Institute

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cwe.mitre.org/data/definitions/937.html HTTP 302
https://cwe.mitre.org/data/definitions/937.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 937.html Show response
cwe.mitre.org/data/definitions/
Redirect Chain

http://cwe.mitre.org/data/definitions/937.html
https://cwe.mitre.org/data/definitions/937.html

25 KB
27 KB

447ms
113ms

Document
text/html

198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

255eb175f448dcc07b181bfd659421f02daa50f4fd9c4209f7b81614f360f7b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Content-Type: text/html
Date: Fri, 15 Dec 2023 14:42:14 GMT
Keep-Alive: timeout=15, max=100
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://cwe.mitre.org/data/definitions/937.html
Server: BigIP

GET
H/1.1 200
OK main.css
cwe.mitre.org/css/ 64 KB
66 KB 209ms
110ms Stylesheet
text/css 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/css/main.css?version=4.13.120623

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

b55d269df48e247f9ff26a8f15b7d97817bfa0f3c25eb7059d9f517b5aa2f54d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 13 Dec 2023 18:06:01 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 65843
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK custom.css
cwe.mitre.org/css/ 1 KB
3 KB 321ms
111ms Stylesheet
text/css 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/css/custom.css

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

d08695b40e67356734c4441e150e531523d14c1dc4eb11c6cde54864afea81a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Mon, 24 Apr 2023 15:18:21 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1242
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK safari.css
cwe.mitre.org/css/ 238 B
2 KB 320ms
110ms Stylesheet
text/css 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/css/safari.css

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

03ff13335ad1c60cc94438b640a5960350625473f3ad883bca924a04f31b4d9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Tue, 27 Aug 2013 22:01:22 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 238
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK custom_filter.js Show response
cwe.mitre.org/includes/ 10 KB
12 KB 324ms
114ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/custom_filter.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

577ac33e015720672448e86ad80edc6d9a570a7fdc4f7aea447c0fc5441ad807

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 28 Jul 2023 19:06:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 10641
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK browserheight.js Show response
cwe.mitre.org/includes/ 2 KB
4 KB 322ms
112ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/browserheight.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

4f84d4a6ea9f0f49d674ad44f84f65b98d3e610c31c242d38be25ddea15330aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 30 Jan 2014 21:02:02 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2117
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
cwe.mitre.org/includes/ 91 KB
92 KB 432ms
119ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/jquery.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 19 Feb 2014 00:40:17 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 93113
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cwe_minimizer.js Show response
cwe.mitre.org/includes/ 5 KB
6 KB 435ms
110ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/cwe_minimizer.js?version=4.12.062923

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

fdb461f3de8ccf2fde57f09c07b6bd3fec04b1bdb18dfcbaaad0265388c95cab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 25 Jan 2023 17:14:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4767
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookie.js Show response
cwe.mitre.org/includes/ 5 KB
7 KB 436ms
111ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/cookie.js?version=4.12.062923

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

c7a25cd1efba7488dae130ea37d363aeab0a90c030935dc61c56854d6c1c06c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 29 Jun 2023 01:54:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 5563
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK includeglossarydef.js Show response
cwe.mitre.org/includes/ 735 B
2 KB 434ms
109ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/includeglossarydef.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

df16d9b2013663b079fb6af38b223ff8ee97fa3f9b7101e7163d917d3f27e8bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 19 Jun 2014 11:49:05 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 735
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK custom.js Show response
cwe.mitre.org/includes/ 4 KB
5 KB 435ms
111ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/custom.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

d480d1a477e04b0c062367ccc2d1d4aaaab9f40e98db1dad245a7f77cad5ae4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Mon, 03 Feb 2020 20:45:09 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4072
X-XSS-Protection: 1; mode=block

GET
H2 200 osano.js Show response
cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/ 318 KB
85 KB 131ms
49ms Script
application/javascript 2600:9000:211e:7e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:7e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0077d821af2249e71254a8d02c687957c3c0a60a017684266ac9f23a73de7aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:10:11 GMT
content-encoding: br
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 16323
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86148
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 17:58:46 GMT
server: CloudFront
etag: "3f97417ba4c62a3564c70ff813f63012"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: jKIWUmauxApNqMcN7D0_-6IVUAbYxZuLhZNBhgbVOtQz3iyg1mor_g==

GET
H/1.1 200
OK mappingonly.css
cwe.mitre.org/css/ 125 B
2 KB 322ms
113ms Stylesheet
text/css 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/css/mappingonly.css

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

ec66cb05612c7e9126c4e3e8d3668b969ef4fd93a215af173298770a436d6054

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 19 Jan 2017 18:48:27 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 125
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cwe_logo.jpg
cwe.mitre.org/images/ 20 KB
22 KB 117ms
116ms Image
image/jpeg 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/cwe_logo.jpg

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

b653ee0f761edfd0acbd114f114711c0eef95df6c4222eb5c25e657b037f14ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 10 May 2013 20:06:43 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 20653
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK new_to_cwe_click_here.png
cwe.mitre.org/images/new_to_cwe/ 45 KB
47 KB 108ms
108ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/new_to_cwe/new_to_cwe_click_here.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

d16c0c6eed2b738c37c1803e878bbd399cf88831b62c2d0e13bfec09f9f0b0bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 27 Apr 2023 17:01:31 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 46295
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mihw_logo.svg
cwe.mitre.org/images/ 6 KB
7 KB 108ms
108ms Image
image/svg+xml 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/mihw_logo.svg

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

089bcd4c5f81566be892fbf32206647e140e01c0a9859221252ab97b6e71898c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 27 Oct 2022 18:22:17 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 6142
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cwe_top_25_logo_simple.svg
cwe.mitre.org/images/ 4 KB
6 KB 116ms
116ms Image
image/svg+xml 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/cwe_top_25_logo_simple.svg

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

6850f8c11e339c371ab41259665b6ac99ffc0ae9ce2fbd6666830502dace2d7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 27 Oct 2021 19:11:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 4355
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK twitter_sm.png
cwe.mitre.org/images/ 505 B
2 KB 118ms
117ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/twitter_sm.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

ae81496f04257baaf6f68a6d4fb107e6cb77748c03dfd2d0c6d4156377886e4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Mon, 05 Aug 2019 16:17:33 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 505
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mastodon-logo.png
cwe.mitre.org/images/ 5 KB
6 KB 107ms
107ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/mastodon-logo.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

11eeeae5d1f052823c5c643d0beecf910f949d254738a38f78745f365c11fca3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 26 Oct 2023 14:16:32 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 4787
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK linkedin_sm.jpg
cwe.mitre.org/images/ 2 KB
3 KB 108ms
108ms Image
image/jpeg 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/linkedin_sm.jpg

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

5303ee071624118265bc27f60bb0eae87132cbeeb037ef57f67541fbe84727e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 06 May 2020 14:08:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 1701
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK youtube.png
cwe.mitre.org/images/ 8 KB
9 KB 117ms
117ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/youtube.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

731cbb6f96f49fe985454b15598f31b5da932ab5822e906ba1103e2f58bb8aea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 02 Jul 2021 14:34:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 7778
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK out_of_bounds_read_logo.png
cwe.mitre.org/images/ 86 KB
87 KB 116ms
115ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/out_of_bounds_read_logo.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

ab124699905db5398b613f1fd2219ffdc423f7e1d7efc58704b7180d0b2a4fe6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 16 Jul 2021 20:07:56 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 87713
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK medium_sm.png
cwe.mitre.org/images/ 470 B
2 KB 118ms
117ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/medium_sm.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

c2bf3e0253f20bd3978f8b239be7d025f1cbe665f6ca62ef28f44516ca516038

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 04 Sep 2020 21:20:36 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 470
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK close.gif
cwe.mitre.org/images/layout/ 252 B
2 KB 109ms
108ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/layout/close.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

83f96adc7d175e72b053f6a43d92c2f85b01598fef039dd193f41abc95514c4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Wed, 30 Mar 2011 23:14:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 252
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK nav.js Show response
cwe.mitre.org/includes/ 3 KB
5 KB 116ms
115ms Script
application/javascript 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/includes/nav.js

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

5f39505f3a6be6c3ca7247880788e524b53d99341b03757acb4d3a472525209e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 26 Jan 2023 15:48:36 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 3458
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK head_more.gif
cwe.mitre.org/images/ 317 B
2 KB 117ms
116ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/head_more.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

41b9f992c6f34a5d17a32da65ba892e2a8bda6b3d4aa46f13b6a72b323a2233e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:14 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Sat, 21 Mar 2009 03:45:24 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 317
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK view.gif
cwe.mitre.org/images/icons/ 167 B
2 KB 118ms
118ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/icons/view.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

77ae85ad8ed626eb5054b9c45a2a33f00632c1d497dac4bf0398262d4febd3c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Tue, 13 Oct 2009 02:54:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 167
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK category.gif
cwe.mitre.org/images/icons/ 141 B
2 KB 220ms
109ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/icons/category.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

0bcc8d5bf24639fb0f2e8a5d266118fedd203c00893c6219ba5933ce96396a1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Tue, 13 Oct 2009 02:54:53 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 141
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK head_less.gif
cwe.mitre.org/images/ 329 B
2 KB 222ms
111ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/head_less.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

867906098aab46c47d06bbe7f518518fdec4d9e818fd743ff57239ac4f1f5ec4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Sat, 21 Mar 2009 03:45:24 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 329
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mitre_logo.gif
cwe.mitre.org/images/ 2 KB
4 KB 270ms
112ms Image
image/gif 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/mitre_logo.gif

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

99871354637f0dff787c57cc0e46b7f3b3b9f1224499aeb3afd4a3bd95d1ab8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Thu, 07 May 2020 22:45:16 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 2321
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK twitter.jpg
cwe.mitre.org/images/ 2 KB
3 KB 156ms
109ms Image
image/jpeg 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/twitter.jpg

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

346961c4ac5ab5a53d9eb6465bf9bb02228b1579d47f2276cc8b69e6b2585c11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Mon, 05 Aug 2019 16:17:33 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 1726
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK medium.png
cwe.mitre.org/images/ 11 KB
13 KB 157ms
110ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/medium.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

6e43b9f753ce30eeaed1eb9895e5681efa5df220c01375054c9fe59d0ab40497

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Fri, 04 Sep 2020 21:19:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 11661
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK hssedi.png
cwe.mitre.org/images/ 7 KB
9 KB 221ms
111ms Image
image/png 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cwe.mitre.org/images/hssedi.png

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

b5628066d6bd933819ea47f9f8b875ab55cfc12b468a49ec4dffc3a7275773ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Tue, 05 May 2020 21:56:30 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 7223
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK print.css
cwe.mitre.org/css/ 396 B
2 KB 110ms
110ms Stylesheet
text/css 198.49.146.205
MITRE-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cwe.mitre.org/css/print.css?version=1.11

Requested by

Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),

Reverse DNS

Software

Resource Hash

81d1e9d0e7939571ba15c8449f639999e02527acb253cd2440bdf37f7ab8b694

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cwe.mitre.org/data/definitions/937.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:42:15 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified: Tue, 23 Mar 2021 14:31:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 396
X-XSS-Protection: 1; mode=block

GET
BLOB 200
OK e0b37237-aea3-4e2c-8141-2a9828372f85
https://cwe.mitre.org/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cwe.mitre.org/e0b37237-aea3-4e2c-8141-2a9828372f85
Requested by: Host: cwe.mitre.org
URL: https://cwe.mitre.org/data/definitions/937.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 140ms
42ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cwe.mitre.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Dec 2023 13:49:53 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3142
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 15 Dec 2023 15:49:53 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cwe.mitre.org/	1969-12-31 23:59:59	Name: TS01c50eb2 Value: 012ca1a6c4a66002a1196c59e193929ad9fe843fc5adb9dfc7f0a92f6713a0818e2b2e1827335e403169c57718d89629d86e13f412
			cwe.mitre.org/	1970-01-21 01:43:07	Name: custom_version Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com .osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org .mitre.org .google.com .withgoogle.com .googleadservices.com .google-analytics.com www.googletagmanager.com .gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmp.osano.com
cwe.mitre.org
ssl.google-analytics.com
198.49.146.205
2600:9000:211e:7e00:3:b7e:8940:93a1
2a00:1450:4001:80b::2008
0077d821af2249e71254a8d02c687957c3c0a60a017684266ac9f23a73de7aa7
03ff13335ad1c60cc94438b640a5960350625473f3ad883bca924a04f31b4d9c
089bcd4c5f81566be892fbf32206647e140e01c0a9859221252ab97b6e71898c
0bcc8d5bf24639fb0f2e8a5d266118fedd203c00893c6219ba5933ce96396a1a
11eeeae5d1f052823c5c643d0beecf910f949d254738a38f78745f365c11fca3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
255eb175f448dcc07b181bfd659421f02daa50f4fd9c4209f7b81614f360f7b8
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
346961c4ac5ab5a53d9eb6465bf9bb02228b1579d47f2276cc8b69e6b2585c11
41b9f992c6f34a5d17a32da65ba892e2a8bda6b3d4aa46f13b6a72b323a2233e
4f84d4a6ea9f0f49d674ad44f84f65b98d3e610c31c242d38be25ddea15330aa
5303ee071624118265bc27f60bb0eae87132cbeeb037ef57f67541fbe84727e0
577ac33e015720672448e86ad80edc6d9a570a7fdc4f7aea447c0fc5441ad807
5f39505f3a6be6c3ca7247880788e524b53d99341b03757acb4d3a472525209e
6850f8c11e339c371ab41259665b6ac99ffc0ae9ce2fbd6666830502dace2d7c
6e43b9f753ce30eeaed1eb9895e5681efa5df220c01375054c9fe59d0ab40497
731cbb6f96f49fe985454b15598f31b5da932ab5822e906ba1103e2f58bb8aea
77ae85ad8ed626eb5054b9c45a2a33f00632c1d497dac4bf0398262d4febd3c1
81d1e9d0e7939571ba15c8449f639999e02527acb253cd2440bdf37f7ab8b694
83f96adc7d175e72b053f6a43d92c2f85b01598fef039dd193f41abc95514c4c
867906098aab46c47d06bbe7f518518fdec4d9e818fd743ff57239ac4f1f5ec4
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
99871354637f0dff787c57cc0e46b7f3b3b9f1224499aeb3afd4a3bd95d1ab8f
ab124699905db5398b613f1fd2219ffdc423f7e1d7efc58704b7180d0b2a4fe6
ae81496f04257baaf6f68a6d4fb107e6cb77748c03dfd2d0c6d4156377886e4b
b55d269df48e247f9ff26a8f15b7d97817bfa0f3c25eb7059d9f517b5aa2f54d
b5628066d6bd933819ea47f9f8b875ab55cfc12b468a49ec4dffc3a7275773ab
b653ee0f761edfd0acbd114f114711c0eef95df6c4222eb5c25e657b037f14ff
c2bf3e0253f20bd3978f8b239be7d025f1cbe665f6ca62ef28f44516ca516038
c7a25cd1efba7488dae130ea37d363aeab0a90c030935dc61c56854d6c1c06c3
d08695b40e67356734c4441e150e531523d14c1dc4eb11c6cde54864afea81a5
d16c0c6eed2b738c37c1803e878bbd399cf88831b62c2d0e13bfec09f9f0b0bb
d480d1a477e04b0c062367ccc2d1d4aaaab9f40e98db1dad245a7f77cad5ae4a
df16d9b2013663b079fb6af38b223ff8ee97fa3f9b7101e7163d917d3f27e8bc
ec66cb05612c7e9126c4e3e8d3668b969ef4fd93a215af173298770a436d6054
fdb461f3de8ccf2fde57f09c07b6bd3fec04b1bdb18dfcbaaad0265388c95cab

cwe.mitre.org Open in urlscan Pro 198.49.146.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

563 kBTransfer

776 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cwe.mitre.org Open in urlscan Pro
198.49.146.205 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

563 kB
Transfer

776 kB
Size

2
Cookies

36 HTTP transactions
0 data transactions