Submitted URL: http://capec.mitre.org/data/definitions/103.html
Effective URL: https://capec.mitre.org/data/definitions/103.html
Submission: On November 06 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 30 HTTP transactions. The main IP is 198.49.146.205, located in United States and belongs to MITRE-AS-1, US. The main domain is capec.mitre.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 27th 2023. Valid for: a year.
This is the only time capec.mitre.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.52.194.205 35 (MITRE-AS-1)
26 198.49.146.205 35 (MITRE-AS-1)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
30 4
Apex Domain
Subdomains
Transfer
27 mitre.org
capec.mitre.org
291 KB
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 574
17 KB
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5281
84 KB
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
30 4
Domain Requested by
27 capec.mitre.org 1 redirects capec.mitre.org
cmp.osano.com
1 ssl.google-analytics.com cmp.osano.com
1 cmp.osano.com capec.mitre.org
0 stats.g.doubleclick.net Failed capec.mitre.org
30 4
Subject Issuer Validity Valid
msm.mitre.org
Entrust Certification Authority - L1K
2023-02-27 -
2024-03-27
a year crt.sh
*.osano.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh

This page contains 1 frames:

Primary Page: https://capec.mitre.org/data/definitions/103.html
Frame ID: EED326681BF3097B8E65A524E5FE5597
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

CAPEC - CAPEC-103: Clickjacking (Version 3.9)

Page URL History Show full URLs

  1. http://capec.mitre.org/data/definitions/103.html HTTP 302
    https://capec.mitre.org/data/definitions/103.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

391 kB
Transfer

612 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capec.mitre.org/data/definitions/103.html HTTP 302
    https://capec.mitre.org/data/definitions/103.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=450108079&utmhn=capec.mitre.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CAPEC%20-%20CAPEC-103%3A%20Clickjacking%20(Version%203.9)&utmhid=153987612&utmr=-&utmp=%2Fdata%2Fdefinitions%2F103.html&utmht=1699279931271&utmac=UA-12242070-1&utmcc=__utma%3D176404535.818860007.1699279931.1699279931.1699279931.1%3B%2B__utmz%3D176404535.1699279931.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1146029822&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 0
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12242070-1&cid=818860007.1699279931&jid=1146029822&_v=5.7.2&z=450108079

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 103.html
capec.mitre.org/data/definitions/
Redirect Chain
  • http://capec.mitre.org/data/definitions/103.html
  • https://capec.mitre.org/data/definitions/103.html
41 KB
43 KB
Document
General
Full URL
https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
53f3dd76e909ad9c29ec063e5690ffe334aa5b19a814fe8e706831537b04ff8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Content-Type
text/html
Date
Mon, 06 Nov 2023 14:12:09 GMT
Keep-Alive
timeout=15, max=100
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://capec.mitre.org/data/definitions/103.html
Server
BigIP
main.css
capec.mitre.org/css/
52 KB
54 KB
Stylesheet
General
Full URL
https://capec.mitre.org/css/main.css?version=3.6.102121
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
d036852c6f37b736da1dd645ed23d2280d76b766e44a08579e7329e5de4d8686
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Thu, 23 Feb 2023 15:03:52 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
53581
X-XSS-Protection
1; mode=block
safari.css
capec.mitre.org/css/
251 B
2 KB
Stylesheet
General
Full URL
https://capec.mitre.org/css/safari.css
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
d60027dc85af351754ca5b92647e6e583a121a41d847d9d7e55a10a47261f7a0
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Tue, 27 Dec 2016 20:20:56 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
251
X-XSS-Protection
1; mode=block
jquery.js
capec.mitre.org/includes/
56 KB
57 KB
Script
General
Full URL
https://capec.mitre.org/includes/jquery.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 21 Sep 2009 16:42:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
57272
X-XSS-Protection
1; mode=block
capec_minimizer.js
capec.mitre.org/includes/
4 KB
6 KB
Script
General
Full URL
https://capec.mitre.org/includes/capec_minimizer.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
5fb335397312719c308f6ce8863fc63298c61d4a72fb50c8104eb0c503512d9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Fri, 30 Dec 2022 05:17:51 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4208
X-XSS-Protection
1; mode=block
browserheight.js
capec.mitre.org/includes/
2 KB
4 KB
Script
General
Full URL
https://capec.mitre.org/includes/browserheight.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
3cc2ee62092fc185d88a6e5d46c7d1debfec6ba728fdd37046ea2f6a59d5843e
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Thu, 25 Apr 2013 16:03:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2115
X-XSS-Protection
1; mode=block
cookie.js
capec.mitre.org/includes/
3 KB
5 KB
Script
General
Full URL
https://capec.mitre.org/includes/cookie.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a660679f984ba15ccabfe2fec732da5005c1ed6b7bd735bf313a237fe63cf1c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 18 Jan 2023 18:50:39 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
3547
X-XSS-Protection
1; mode=block
capec_logo_new2.gif
capec.mitre.org/images/
3 KB
4 KB
Image
General
Full URL
https://capec.mitre.org/images/capec_logo_new2.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ae9144de528d9675470225202d8f7a4e9c6115503a8f3334d2718fe82e982c24
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Fri, 16 Dec 2016 19:08:53 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
2731
X-XSS-Protection
1; mode=block
new_to_capec.png
capec.mitre.org/images/
25 KB
26 KB
Image
General
Full URL
https://capec.mitre.org/images/new_to_capec.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
f91cfd3b205fda28af3c421d581073a6f1a7fe4878a9ab0f601902874090ae89
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 23 Jun 2021 22:46:52 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
25143
X-XSS-Protection
1; mode=block
twitter_sm.png
capec.mitre.org/images/
505 B
2 KB
Image
General
Full URL
https://capec.mitre.org/images/twitter_sm.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ae81496f04257baaf6f68a6d4fb107e6cb77748c03dfd2d0c6d4156377886e4b
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 26 Jun 2019 18:02:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
505
X-XSS-Protection
1; mode=block
linkedin_sm.jpg
capec.mitre.org/images/
2 KB
3 KB
Image
General
Full URL
https://capec.mitre.org/images/linkedin_sm.jpg
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
5303ee071624118265bc27f60bb0eae87132cbeeb037ef57f67541fbe84727e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 06 May 2020 17:02:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1701
X-XSS-Protection
1; mode=block
medium.png
capec.mitre.org/images/
3 KB
5 KB
Image
General
Full URL
https://capec.mitre.org/images/medium.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e659ff06f860e6d063d665cdd571dc731f208067a4d993c9b0f72ee10a3555ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 13 Apr 2022 18:22:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
3528
X-XSS-Protection
1; mode=block
out_of_bounds_read_logo_B_W.png
capec.mitre.org/images/
34 KB
36 KB
Image
General
Full URL
https://capec.mitre.org/images/out_of_bounds_read_logo_B_W.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
7adf75fa82807e22509f1e95209812b39503aadf813773f7f30c1d24254d7ff4
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 13 Apr 2022 23:59:56 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
34880
X-XSS-Protection
1; mode=block
youtube.png
capec.mitre.org/images/
8 KB
9 KB
Image
General
Full URL
https://capec.mitre.org/images/youtube.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
731cbb6f96f49fe985454b15598f31b5da932ab5822e906ba1103e2f58bb8aea
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 13 Apr 2022 17:29:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
7778
X-XSS-Protection
1; mode=block
nav.js
capec.mitre.org/includes/
3 KB
5 KB
Script
General
Full URL
https://capec.mitre.org/includes/nav.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
42424ae35875e8d3fa61ac7a677ca627b934a4a83f13eec8f0666a1c8939fb0d
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 21 Sep 2009 16:42:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
3428
X-XSS-Protection
1; mode=block
head_more.gif
capec.mitre.org/images/
317 B
2 KB
Image
General
Full URL
https://capec.mitre.org/images/head_more.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
41b9f992c6f34a5d17a32da65ba892e2a8bda6b3d4aa46f13b6a72b323a2233e
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 21 Sep 2009 16:43:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
317
X-XSS-Protection
1; mode=block
dictionary.gif
capec.mitre.org/images/
1 KB
2 KB
Image
General
Full URL
https://capec.mitre.org/images/dictionary.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
454faced5c927a06db779490acb8da97dde9e65c77d65a64e2a34be53aaf6409
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 21 Sep 2009 16:43:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
1042
X-XSS-Protection
1; mode=block
meta_ap.gif
capec.mitre.org/images/icons/
189 B
2 KB
Image
General
Full URL
https://capec.mitre.org/images/icons/meta_ap.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
08f1679d4338d335d3c00f1dd6b64c73396346c8ef7a954b810884dc8d912caa
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Tue, 22 Jun 2021 13:30:58 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
189
X-XSS-Protection
1; mode=block
detailed_ap.gif
capec.mitre.org/images/icons/
185 B
2 KB
Image
General
Full URL
https://capec.mitre.org/images/icons/detailed_ap.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
7293d34ac7674f429546ffe75e25ba293174a25b509d64dc572a8a03765cfb3b
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Tue, 22 Jun 2021 13:30:58 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
185
X-XSS-Protection
1; mode=block
head_less.gif
capec.mitre.org/images/
329 B
2 KB
Image
General
Full URL
https://capec.mitre.org/images/head_less.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
867906098aab46c47d06bbe7f518518fdec4d9e818fd743ff57239ac4f1f5ec4
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 21 Sep 2009 16:43:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
329
X-XSS-Protection
1; mode=block
mitre_logo.gif
capec.mitre.org/images/
2 KB
4 KB
Image
General
Full URL
https://capec.mitre.org/images/mitre_logo.gif
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
99871354637f0dff787c57cc0e46b7f3b3b9f1224499aeb3afd4a3bd95d1ab8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Thu, 07 May 2020 23:02:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
2321
X-XSS-Protection
1; mode=block
twitter.jpg
capec.mitre.org/images/
2 KB
3 KB
Image
General
Full URL
https://capec.mitre.org/images/twitter.jpg
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
346961c4ac5ab5a53d9eb6465bf9bb02228b1579d47f2276cc8b69e6b2585c11
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 26 Jun 2019 17:53:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
1726
X-XSS-Protection
1; mode=block
out_of_bounds_read_sm.png
capec.mitre.org/images/
1 KB
3 KB
Image
General
Full URL
https://capec.mitre.org/images/out_of_bounds_read_sm.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6342274608efb592a5d4233056d0d1d83cfaf07903373c2eae20a3712d4817e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 13 Apr 2022 21:21:04 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
1495
X-XSS-Protection
1; mode=block
hssedi.png
capec.mitre.org/images/
7 KB
9 KB
Image
General
Full URL
https://capec.mitre.org/images/hssedi.png
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b5628066d6bd933819ea47f9f8b875ab55cfc12b468a49ec4dffc3a7275773ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 06 May 2020 17:02:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
7223
X-XSS-Protection
1; mode=block
osano.js
cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/
314 KB
84 KB
Script
General
Full URL
https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8a0f673ca51d02fc580686521a4c68cb18a9f63ce93c18d7b4fb3653e1b27af4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 13:57:38 GMT
content-encoding
br
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
872
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
84798
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 02 Nov 2023 20:04:45 GMT
server
CloudFront
etag
"488683e11c1a1db449224696b2250833"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
EP_4dPsCC4MXa-0-WwChDLbAPey-BvRC7j2aMWaNtvxw1fEx7fRelQ==
print.css
capec.mitre.org/css/
258 B
2 KB
Stylesheet
General
Full URL
https://capec.mitre.org/css/print.css?version=1.0
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
60833a6a004df4d18892a121652ff1ce97d66dccf3f37559cd6bbbf954141376
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:10 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Mon, 20 May 2019 17:45:33 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
258
X-XSS-Protection
1; mode=block
76577431-787d-44c0-960b-4efcbf90bb17
https://capec.mitre.org/
390 B
0
Other
General
Full URL
blob:https://capec.mitre.org/76577431-787d-44c0-960b-4efcbf90bb17
Requested by
Host: capec.mitre.org
URL: https://capec.mitre.org/data/definitions/103.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Nov 2023 13:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1233
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 06 Nov 2023 15:51:38 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=450108079&utmhn=capec.mitre.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CAPEC...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12242070-1&cid=818860007.1699279931&jid=1146029822&_v=5.7.2&z=450108079
0
0

complete.css
capec.mitre.org/css/user_skins/
802 B
2 KB
Stylesheet
General
Full URL
https://capec.mitre.org/css/user_skins/complete.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzyhULTdPkqmy4aDN/318aa814-0420-45bb-857d-8fb5fac33ff8/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.49.146.205 , United States, ASN35 (MITRE-AS-1, US),
Reverse DNS
Software
/
Resource Hash
164a1478869789391cd54348ab5791f5da1433dfae1b3fd6240896701452cc08
Security Headers
Name Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://capec.mitre.org/data/definitions/103.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 14:12:11 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Last-Modified
Wed, 11 Jan 2023 15:12:36 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
802
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12242070-1&cid=818860007.1699279931&jid=1146029822&_v=5.7.2&z=450108079

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery function| skinSelector function| toggleNames function| halfDisplay function| buttonSkinSelector function| browserheight function| graphic function| onloadCookie function| readCookie function| writeCookie function| onloadSelector string| plus string| minus function| showHide function| toggleblocks function| toggleAll string| less string| more function| showHideOC function| toggleblocksOC function| toggleAllOC function| Osano function| __uspapi object| _gaq object| _gat object| gaGlobal

7 Cookies

Domain/Path Name / Value
.capec.mitre.org/ Name: TS0163b97c
Value: 012ca1a6c4cd64e145863c2872206e5d0b03caf368a214f3a556dd12b3e8b247dcbbeeb044974d70bf3acfd361db41774ad60fa919
.capec.mitre.org/ Name: __utma
Value: 176404535.818860007.1699279931.1699279931.1699279931.1
.capec.mitre.org/ Name: __utmc
Value: 176404535
.capec.mitre.org/ Name: __utmz
Value: 176404535.1699279931.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.capec.mitre.org/ Name: __utmt
Value: 1
.capec.mitre.org/ Name: __utmb
Value: 176404535.1.10.1699279931
capec.mitre.org/ Name: filter
Value: complete

1 Console Messages

Source Level URL
Text
security error URL: https://capec.mitre.org/data/definitions/103.html
Message:
Refused to load the image 'https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12242070-1&cid=818860007.1699279931&jid=1146029822&_v=5.7.2&z=450108079' because it violates the following Content Security Policy directive: "default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' mitre.org *.mitre.org *.google.com *.withgoogle.com *.googleadservices.com *.google-analytics.com www.googletagmanager.com *.gstatic.com platform.twitter.com syndication.twitter.com www.youtube.com www.youtube-nocookie.com *.osano.com play.vidyard.com; frame-ancestors 'self'; worker-src blob:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capec.mitre.org
cmp.osano.com
ssl.google-analytics.com
stats.g.doubleclick.net
stats.g.doubleclick.net
192.52.194.205
198.49.146.205
2600:9000:223c:ae00:3:b7e:8940:93a1
2a00:1450:4001:830::2008
08f1679d4338d335d3c00f1dd6b64c73396346c8ef7a954b810884dc8d912caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
164a1478869789391cd54348ab5791f5da1433dfae1b3fd6240896701452cc08
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800
346961c4ac5ab5a53d9eb6465bf9bb02228b1579d47f2276cc8b69e6b2585c11
3cc2ee62092fc185d88a6e5d46c7d1debfec6ba728fdd37046ea2f6a59d5843e
41b9f992c6f34a5d17a32da65ba892e2a8bda6b3d4aa46f13b6a72b323a2233e
42424ae35875e8d3fa61ac7a677ca627b934a4a83f13eec8f0666a1c8939fb0d
454faced5c927a06db779490acb8da97dde9e65c77d65a64e2a34be53aaf6409
5303ee071624118265bc27f60bb0eae87132cbeeb037ef57f67541fbe84727e0
53f3dd76e909ad9c29ec063e5690ffe334aa5b19a814fe8e706831537b04ff8b
5fb335397312719c308f6ce8863fc63298c61d4a72fb50c8104eb0c503512d9a
60833a6a004df4d18892a121652ff1ce97d66dccf3f37559cd6bbbf954141376
6342274608efb592a5d4233056d0d1d83cfaf07903373c2eae20a3712d4817e3
7293d34ac7674f429546ffe75e25ba293174a25b509d64dc572a8a03765cfb3b
731cbb6f96f49fe985454b15598f31b5da932ab5822e906ba1103e2f58bb8aea
7adf75fa82807e22509f1e95209812b39503aadf813773f7f30c1d24254d7ff4
867906098aab46c47d06bbe7f518518fdec4d9e818fd743ff57239ac4f1f5ec4
8a0f673ca51d02fc580686521a4c68cb18a9f63ce93c18d7b4fb3653e1b27af4
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
99871354637f0dff787c57cc0e46b7f3b3b9f1224499aeb3afd4a3bd95d1ab8f
a660679f984ba15ccabfe2fec732da5005c1ed6b7bd735bf313a237fe63cf1c9
ae81496f04257baaf6f68a6d4fb107e6cb77748c03dfd2d0c6d4156377886e4b
ae9144de528d9675470225202d8f7a4e9c6115503a8f3334d2718fe82e982c24
b5628066d6bd933819ea47f9f8b875ab55cfc12b468a49ec4dffc3a7275773ab
d036852c6f37b736da1dd645ed23d2280d76b766e44a08579e7329e5de4d8686
d60027dc85af351754ca5b92647e6e583a121a41d847d9d7e55a10a47261f7a0
e659ff06f860e6d063d665cdd571dc731f208067a4d993c9b0f72ee10a3555ac
f91cfd3b205fda28af3c421d581073a6f1a7fe4878a9ab0f601902874090ae89